[Date Prev][Date Next][Thread Prev][Thread Next]
- Subject: utf8 library may cause heap corruption
- From: 云风 Cloud Wu <cloudwu@...>
- Date: Thu, 09 Feb 2017 09:15:44 +0000
I found there is a function " static const char *utf8_decode (const char *o, int *val) " in lutf8lib.c . This function can't known the boundary of string o . So it may cause the heap corruption.
For example, I can build a corruption utf8 string, when utf8 function call utf8_decode to read it , it may read the memory out of the string. Or it can't detect the utf8 string is invalid.