github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-16 07:56:12 +03:00
Code Issues Packages Projects Releases Wiki Activity

Fixed bad memory access in utf8ToUnicode class

Browse Source
This commit is contained in:
Felipe Zimmerle 2017-01-06 00:56:52 -03:00 committed by Felipe Zimmerle
parent fd341145d5
commit 068a3eb517
No known key found for this signature in database
GPG Key ID: E6DFB08CE8B11277
1 changed files with 6 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/actions/transformations/utf8_to_unicode.cc
View File

@ -92,9 +92,12 @@ char *Utf8ToUnicode::inplace(unsigned char *input,
/* single byte unicode (7 bit ASCII equivilent) has no validation */ /* single byte unicode (7 bit ASCII equivilent) has no validation */
count++; count++;
if (count <= len) { if (count <= len) {
if (c == 0) if (c == 0 && input_len > i + 1) {
*data = utils::string::x2c(&c); unsigned char z[2];
else z[0] = *utf;
z[1] = *(utf + 1);
*data = utils::string::x2c((unsigned char*) &z);
} else
*data++ = c; *data++ = c;
} }
} else if ((c & 0xE0) == 0xC0) { } else if ((c & 0xE0) == 0xC0) {