mirror of
https://gitlab.gnome.org/GNOME/glib.git
synced 2025-08-02 15:33:39 +02:00
gcharset: Fix potential negative string offsets in g_get_locale_variants()
The parser was assuming that all three separators (`_@.`) were in order; but the input might not contain them in order. In that case, the parser would have passed negative values to `g_strndup()` which would have been implicitly cast to large positive values, and potentially exposed a lot of memory (until the first nul byte, which was probably quite soon). Expand the existing `g_get_locale_variants()` test to cover some invalid parsing, and add a fuzzing test too. Spotted by `-Wsign-conversion`. Signed-off-by: Philip Withnall <pwithnall@gnome.org> Helps: #3405
This commit is contained in:
Philip Withnall
@@ -25,6 +25,7 @@ fuzz_targets = [
|
||||
'fuzz_date_parse',
|
||||
'fuzz_date_time_new_from_iso8601',
|
||||
'fuzz_dbus_message',
|
||||
'fuzz_get_locale_variants',
|
||||
'fuzz_inet_address_mask_new_from_string',
|
||||
'fuzz_inet_address_new_from_string',
|
||||
'fuzz_inet_socket_address_new_from_string',
|
||||
|
||||
Reference in New Issue
Block a user