Heap overflow in utf32be_mbc_to_code

Disclosed: 2020-11-09 01:48:51 By haquaman To ibb

Critical

Vulnerability Details

https://bugs.php.net/bug.php?id=77418 Buffer overflow in mbc_to_code functions for UTF32BE, UTF32LE, UTF16BE, and UTF16LE due to incorrect length assumptions of a buffer. Provided a patch that was adapted to check the length of the buffer prior to using it. ## Impact Memory leakage and/or corruption

Actions

View on HackerOne

Report Stats

Report ID: 476168
State: Closed
Substate: resolved
Upvotes: 3

Heap overflow in utf32be_mbc_to_code

Vulnerability Details

Actions

Report Stats

Share this report