Re: [xml] Creation of several tickets related to memory corruptions in libxslt

On Tue, Jul 31, 2012 at 11:33:52PM +0200, Nicolas Grégoire wrote:

I spent some time fuzzing the libxslt engine. The following tickets
describe some identified issues with possible security implications:

Off-by-one write in rc4_decrypt

Read of previously free'd memory when using func:result

Off-by-one read in pattern parsing

Nick Wellnhofer has already proposed some patches (that I didn't test
for the moment). Many thanks to him!

  Okay, everything seems resolved in git head for both project now,

    thanks !


Daniel Veillard      | libxml Gnome XML XSLT toolkit
daniel veillard com  | Rpmfind RPM search engine | virtualization library

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]