github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-09-29 11:16:33 +03:00
Code Issues Packages Projects Releases Wiki Activity

Fix buffer size for utf8toUnicode transformation

Browse Source
This commit is contained in:
Victor Hora
2018-11-13 20:14:18 -05:00
parent 454669ffed
commit ecad8c6c7e
2 changed files with 5 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/actions/transformations/utf8_to_unicode.cc
View File

@@ -72,7 +72,9 @@ char *Utf8ToUnicode::inplace(unsigned char *input,
unsigned char unicode[8];
*changed = 0;
len = input_len * 7 + 1;
/* RFC3629 states that UTF-8 are encoded using sequences of 1 to 4 octets. */
/* Max size per character should fit in 4 bytes */
len = input_len * 4 + 1;
data = reinterpret_cast<char *>(malloc(sizeof(char) * len));
if (data == NULL) {
return NULL;