github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-09-29 19:24:29 +03:00
Code Issues Packages Projects Releases Wiki Activity

Fix buffer size for utf8toUnicode transformation

Browse Source
This commit is contained in:
Victor Hora
2018-11-13 20:03:41 -05:00
committed by Felipe Zimmerle
parent d8c711257b
commit b600669d02
2 changed files with 5 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
apache2/msc_util.c
View File

@@ -113,8 +113,9 @@ char *utf8_unicode_inplace_ex(apr_pool_t *mp, unsigned char *input, long int inp
unsigned char *unicode = NULL;
*changed = 0;
len = input_len * 7 + 1;
/* RFC3629 states that UTF-8 are encoded using sequences of 1 to 4 octets. */
/* Max size per character should fit in 4 bytes */
len = input_len * 4 + 1;
data = rval = apr_palloc(mp, len);
if (rval == NULL) return NULL;