github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-13 13:26:01 +03:00
Code Issues Packages Projects Releases Wiki Activity

Fix buffer size for utf8toUnicode transformation

Browse Source
This commit is contained in:
Victor Hora 2018-11-13 20:14:18 -05:00
parent 454669ffed
commit ecad8c6c7e
2 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
CHANGES
View File

@ -1,7 +1,8 @@
v3.0.4 - YYYY-MMM-DD (to be released)
-------------------------------------
* Fix buffer size for utf8toUnicode transformation
[Issue #1208 - @katef, @victorhora]
v3.0.3 - 2018-Nov-05

4
src/actions/transformations/utf8_to_unicode.cc
View File

@ -72,7 +72,9 @@ char *Utf8ToUnicode::inplace(unsigned char *input,
unsigned char unicode[8];
*changed = 0;
len = input_len * 7 + 1;
/* RFC3629 states that UTF-8 are encoded using sequences of 1 to 4 octets. */
/* Max size per character should fit in 4 bytes */
len = input_len * 4 + 1;
data = reinterpret_cast<char *>(malloc(sizeof(char) * len));
if (data == NULL) {
return NULL;