This repository has been archived by the owner on Apr 9, 2020. It is now read-only.
Look out for size-based calculations that break on integer overflow #12
Comments
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
e.g., (ws->offset + (sz) >= ws->size) (in ensure_writable)
This is unlikely to occur in normal practice, but could be used in an attack.
The text was updated successfully, but these errors were encountered: