mirror/openldap
2
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-02-23 14:09:39 +08:00
Code Issues Packages Projects Releases Wiki Activity

ITS#9955 liblunicode: fix buffer size in UTF8bvnormalize

Browse Source 
output buffer may overrun 1 byte for specially crafted approxMatch search filters.
Not exploitable, no operational or security impact.
This commit is contained in:
Howard Chu 2022-11-24 21:32:51 +00:00 committed by Quanah Gibson-Mount
parent 512a99b054
commit 31e6efeb07
1 changed files with 11 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
libraries/liblunicode/ucstr.c
View File

@ -240,6 +240,17 @@ fail:
if ( approx ) {
for ( j = 0; j < ucsoutlen; j++ ) {
if ( ucsout[j] < 0x80 ) {
if ( outpos >= outsize ) {
outsize += ( ucsoutlen - j ) + 1;
outtmp = (char *) ber_memrealloc_x( out, outsize, ctx );
if ( outtmp == NULL ) {
ber_memfree_x( ucsout, ctx );
ber_memfree_x( ucs, ctx );
ber_memfree_x( out, ctx );
goto fail;
}
out = outtmp;
}
out[outpos++] = ucsout[j];
}
}