[xml] Creation of several tickets related to memory corruptions in libxslt
- From: Nicolas Grégoire <nicolas gregoire agarri fr>
- To: xml gnome org
- Cc: veillard redhat com
- Subject: [xml] Creation of several tickets related to memory corruptions in libxslt
- Date: Tue, 31 Jul 2012 21:34:17 -0000
Hello,
I spent some time fuzzing the libxslt engine. The following tickets
describe some identified issues with possible security implications:
Off-by-one write in rc4_decrypt
https://bugzilla.gnome.org/show_bug.cgi?id=675917
Read of previously free'd memory when using func:result
https://bugzilla.gnome.org/show_bug.cgi?id=680920
Off-by-one read in pattern parsing
https://bugzilla.gnome.org/show_bug.cgi?id=680924
Nick Wellnhofer has already proposed some patches (that I didn't test
for the moment). Many thanks to him!
Nicolas
[
Date Prev][Date Next] [
Thread Prev][Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
