diff options
author | Filippo Bigarella | 2016-10-31 02:51:12 +0100 |
---|---|---|
committer | Nikias Bassen | 2016-10-31 02:51:12 +0100 |
commit | 0be2a22a6504635bb89d4fe4402a9dbe851898d4 (patch) | |
tree | 159e0f0f407581108204b087db07010c0c268453 /test/entities.test | |
parent | 6b9ab336fe3408a4f073a487f5265a1a2ed101f7 (diff) | |
download | libplist-0be2a22a6504635bb89d4fe4402a9dbe851898d4.tar.gz libplist-0be2a22a6504635bb89d4fe4402a9dbe851898d4.tar.bz2 |
xplist: Prevent heap buffer overflow when parsing empty tags
If `ctx->pos - p - 1` is greater than `taglen`, we end up writing outside
the buffer pointed to by `tag`. This commit fixes it by checking the bounds
of the heap buffer before writing.
Diffstat (limited to 'test/entities.test')
0 files changed, 0 insertions, 0 deletions