diff options
author | Nikias Bassen | 2023-01-17 01:26:58 +0100 |
---|---|---|
committer | Nikias Bassen | 2023-01-17 01:26:58 +0100 |
commit | 85f5cbd3705b34fcc52009ca51d8167ab18764fa (patch) | |
tree | 17184b2653fbedb291101b40f8593a8aa94d32b2 /src | |
parent | f31ab3835bb4bf8e574e9920ef9f17359163cbd3 (diff) | |
download | libplist-85f5cbd3705b34fcc52009ca51d8167ab18764fa.tar.gz libplist-85f5cbd3705b34fcc52009ca51d8167ab18764fa.tar.bz2 |
oplist: Fix another OOB read
Credit to OSS-Fuzz
Diffstat (limited to 'src')
-rw-r--r-- | src/oplist.c | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/src/oplist.c b/src/oplist.c index 8936cce..4dd0df5 100644 --- a/src/oplist.c +++ b/src/oplist.c @@ -715,6 +715,13 @@ static int node_from_openstep(parse_ctx ctx, plist_t *plist) plist_free_data(data); goto err_out; } + if (ctx->pos >= ctx->end) { + byte_array_free(bytes); + plist_free_data(data); + PLIST_OSTEP_ERR("EOF while parsing data terminator '>' at offset %ld\n", ctx->pos - ctx->start); + ctx->err++; + goto err_out; + } if (*ctx->pos != '>') { byte_array_free(bytes); plist_free_data(data); |