summaryrefslogtreecommitdiffstats
path: root/src
AgeCommit message (Expand)AuthorFilesLines
2017-04-19bplist: Fix integer overflow check (offset table size)Gravatar Nikias Bassen1-3/+17
2017-04-14Initialize safe_year in time64.cGravatar Greg Dennis1-2/+2
2017-04-06Update time64_limits.hGravatar Greg Dennis1-0/+2
2017-04-02xplist: Plug another memory leakGravatar Nikias Bassen1-0/+3
2017-03-29xplist: Prevent memory leak(s) when parsing failsGravatar Nikias Bassen1-2/+2
2017-03-29xplist: Make XML parsing non-recursive to prevent stack overflow on deep-stru...Gravatar Nikias Bassen1-79/+103
2017-03-26bplist: Make sure sanity checks work on 32bit platformsGravatar Nikias Bassen1-10/+14
2017-02-18base64: Prevent undefined shift when parsing invalid base64 encoded dataGravatar Nikias Bassen1-3/+3
2017-02-15xplist: Improve writing of large PLIST_DATA nodes by growing buffer in advanceGravatar Nikias Bassen4-3/+11
2017-02-10bplist: Fix data range check for string/data/dict/array nodesGravatar Nikias Bassen1-6/+6
2017-02-10bplist: Fix integer overflow resulting in OOB heap buffer readGravatar Nikias Bassen1-0/+5
2017-02-09xplist: Fix OOB heap buffer read with empty data nodesGravatar Nikias Bassen1-2/+4
2017-02-09bplist: Make sure to detect integer overflow when handling unicode node sizeGravatar Nikias Bassen1-0/+4
2017-02-09xplist: Prevent assert when parsing CF$UID dict with invalid value nodeGravatar Nikias Bassen1-0/+5
2017-02-08xplist: Use proper variable size for integer from string parsingGravatar Nikias Bassen1-2/+2
2017-02-07plist: Fix assert() to allow 16 or 8 byte integer sizes (16 bytes = unsigned ...Gravatar Nikias Bassen1-1/+1
2017-02-07bplist: Properly handle some more malloc() failure situationsGravatar Nikias Bassen1-3/+18
2017-02-07bplist: Make sure to bail out if malloc() fails in parse_unicode_node()Gravatar Nikias Bassen1-0/+5
2017-02-07bplist: Make sure to bail out if malloc() fails in parse_data_node()Gravatar Nikias Bassen1-0/+5
2017-02-07bplist: Make sure to bail out if malloc() fails in parse_string_node()Gravatar Nikias Bassen1-0/+5
2017-02-07xplist: Prevent some more strncmp related OOB readsGravatar Nikias Bassen1-4/+4
2017-02-07xplist: Really fix OOB read when parsing DOCTYPEGravatar Nikias Bassen1-1/+1
2017-02-07xplist: unescape_entities(): Make sure text part buffer is null terminated af...Gravatar Nikias Bassen1-0/+1
2017-02-07xplist: Fix OOB read when parsing DOCTYPEGravatar Nikias Bassen1-1/+1
2017-02-07xplist: Also fix OOB read in find_char() and find_str() functionsGravatar Nikias Bassen1-0/+8
2017-02-07xplist: Prevent OOB read in two more casesGravatar Nikias Bassen1-0/+10
2017-02-07xplist: Fix OOB read when parsing double quotesGravatar Nikias Bassen1-0/+4
2017-02-07xplist: Fix OOB read when parsing node text contentGravatar Nikias Bassen1-1/+1
2017-02-07xplist: Catch some more error conditionsGravatar Nikias Bassen1-34/+37
2017-02-06xplist: Prevent memory leaks when parsing failsGravatar Nikias Bassen1-37/+20
2017-02-06bplist: Plug memory leak in case parsing a dictionary key failsGravatar Nikias Bassen1-0/+1
2017-02-06bplist: Refine some debug/error messages in parse_dict_node()Gravatar Nikias Bassen1-4/+4
2017-02-05bplist: Suppress compiler warnings about format specifiers in error messagesGravatar Nikias Bassen1-8/+9
2017-02-05bplist: Add error/debug logging (only if configured with --enable-debug)Gravatar Nikias Bassen2-31/+116
2017-02-05bplist: Make sure node data is always before the offset tableGravatar Nikias Bassen1-14/+14
2017-02-05bplist: Make sure the offset table is in the correct rangeGravatar Nikias Bassen1-4/+9
2017-02-05bplist: Make sure node index is smaller than number of objectsGravatar Nikias Bassen1-1/+1
2017-02-04bplist: Fix OOB write on heap buffer and improve recursion checkGravatar Nikias Bassen1-8/+14
2017-02-03bplist: Prevent OOB read when parsing data/string/array/dict size nodesGravatar Nikias Bassen1-0/+2
2017-02-03bplist: Unify size node parsing for data/string/array/dict nodesGravatar Nikias Bassen1-45/+24
2017-02-01bplist: Fix possible out-of-bounds read in parse_array_node() with proper bou...Gravatar Nikias Bassen1-4/+12
2017-02-01bplist: Avoid heap buffer allocation when parsing array/dict/string/data node...Gravatar Nikias Bassen1-20/+25
2017-01-28bplist: Don't duplicate output buffer in plist_to_bin()Gravatar Nikias Bassen1-4/+4
2017-01-28bplist: Improve parsing unicode nodesGravatar Nikias Bassen1-23/+10
2017-01-28bplist: Improve writing of offset tableGravatar Nikias Bassen1-12/+3
2017-01-28bplist: Improve writing of array and dictionary nodesGravatar Nikias Bassen1-54/+17
2017-01-28bplist: Improve writing of data, string, and unicode nodesGravatar Nikias Bassen1-18/+7
2017-01-28bplist: Improve writing of UID nodesGravatar Nikias Bassen1-12/+6
2017-01-28bplist: Improve writing of integer nodesGravatar Nikias Bassen1-21/+12
2017-01-28bplist: Improve real/date node de/serializationGravatar Nikias Bassen1-65/+56