Re: [xml] Creation of several tickets related to memory corruptions in libxslt

From: Daniel Veillard <veillard redhat com>
To: Nicolas Grégoire <nicolas gregoire agarri fr>
Cc: xml gnome org
Subject: Re: [xml] Creation of several tickets related to memory corruptions in libxslt
Date: Fri, 7 Sep 2012 11:47:21 +0800

On Tue, Jul 31, 2012 at 11:33:52PM +0200, Nicolas Grégoire wrote:

Hello,

I spent some time fuzzing the libxslt engine. The following tickets
describe some identified issues with possible security implications:

Off-by-one write in rc4_decrypt
https://bugzilla.gnome.org/show_bug.cgi?id=675917

Read of previously free'd memory when using func:result
https://bugzilla.gnome.org/show_bug.cgi?id=680920

Off-by-one read in pattern parsing
https://bugzilla.gnome.org/show_bug.cgi?id=680924

Nick Wellnhofer has already proposed some patches (that I didn't test
for the moment). Many thanks to him!


  Okay, everything seems resolved in git head for both project now,

    thanks !

Daniel

-- 
Daniel Veillard      | libxml Gnome XML XSLT toolkit  http://xmlsoft.org/
daniel veillard com  | Rpmfind RPM search engine http://rpmfind.net/
http://veillard.com/ | virtualization library  http://libvirt.org/

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]