path: root/fuzz/jplist-crashes/clusterfuzz-testcase-minimized-jplist_fuzzer-5149455463088128
author: Nikias Bassen 2022-01-31 03:27:42 +0100
committer: Nikias Bassen 2022-01-31 03:27:42 +0100
commit: 8ea84caa3cba801c4f240648a6b7919e9b3e0b0d (patch)
tree: 3ec89ca7e0ed28ead0c76e8e9abc46fae0c6dbfc /fuzz/jplist-crashes/clusterfuzz-testcase-minimized-jplist_fuzzer-5149455463088128
parent: 7ddb1bd9e1d8bba58295d2e7e4872bcc6386968c (diff)
jplist: Fix OOB read in parse_primitive caused by missing 0-termination
In parse_primitive, integer and double values are parsed by using strtoll and atof, which both expect the string to be 0-terminated. While this is not a problem in well-formed JSON files, it can be if the JSON data is not, possibly leading to a crash due to OOB memory access. This commit fixes it by copying the value data in question to a stack buffer, 0-terminating it, and using that buffer instead. Credit to OSS-Fuzz
Diffstat (limited to 'fuzz/jplist-crashes/clusterfuzz-testcase-minimized-jplist_fuzzer-5149455463088128')
0 files changed, 0 insertions, 0 deletions
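The pattern the commit describes, written out as an added example that is not libplist's own code: a number token is a (pointer, length) slice of a JSON buffer that may lack a terminating NUL, so it is copied into a bounded stack buffer and NUL-terminated before the C library sees it. The `jtoken_t`/`jnumber_t` types and function names are hypothetical, and `strtod` stands in for `atof` so the end pointer can be checked; tokens too long for the buffer are rejected rather than truncated.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical token view: a slice into a JSON buffer that is NOT
 * guaranteed to be NUL-terminated (the situation the commit describes). */
typedef struct { const char *ptr; size_t len; } jtoken_t;
typedef struct { bool is_double; long long ival; double dval; } jnumber_t;

/* Copy the token into a bounded stack buffer, NUL-terminate it, and only
 * then hand it to strtoll/strtod, so neither can read past the token. */
bool parse_number_bounded(jtoken_t tok, jnumber_t *out)
{
    char buf[64];
    if (tok.len == 0 || tok.len >= sizeof(buf))
        return false;                       /* overlong: reject, never truncate */
    memcpy(buf, tok.ptr, tok.len);
    buf[tok.len] = '\0';

    bool is_double = memchr(buf, '.', tok.len) != NULL ||
                     memchr(buf, 'e', tok.len) != NULL ||
                     memchr(buf, 'E', tok.len) != NULL;
    char *end = NULL;
    errno = 0;
    if (is_double)
        out->dval = strtod(buf, &end);
    else
        out->ival = strtoll(buf, &end, 10);
    /* Reject partial parses (trailing garbage) and out-of-range values. */
    if (end != buf + tok.len || errno == ERANGE)
        return false;
    out->is_double = is_double;
    return true;
}

bool parse_number_slice(const char *data, size_t len, jnumber_t *out)
{
    jtoken_t t = { data, len };
    return parse_number_bounded(t, out);
}

/* Constructed sample inputs: char arrays deliberately WITHOUT a trailing NUL. */
static const char sample_int[] = {'-', '7', '3'};
static const char sample_dbl[] = {'4', '2', '.', '5'};
static const char sample_bad[] = {'1', '2', 'x'};

long long demo_int(void) { jnumber_t n; return parse_number_slice(sample_int, sizeof sample_int, &n) ? n.ival : 0; }
double demo_dbl(void) { jnumber_t n; return parse_number_slice(sample_dbl, sizeof sample_dbl, &n) ? n.dval : 0.0; }
bool demo_bad(void) { jnumber_t n; return parse_number_slice(sample_bad, sizeof sample_bad, &n); }
bool demo_overlong(void) { char big[80]; memset(big, '9', sizeof big); jnumber_t n; return parse_number_slice(big, sizeof big, &n); }
```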