one byte buffer overread in function purple_markup_linkify
Hanno Böck
hanno at hboeck.de
Fri Apr 14 09:40:15 EDT 2017
Hi,
On Fri, 14 Apr 2017 09:28:22 -0400
Ethan Blanton <elb at pidgin.im> wrote:
> So while I agree that it would be ideal for these methods to be robust
> to invalid UTF-8, they are not. Everything passed to a purple_markup
> function from the network should have been validated as UTF-8 (or
> passed through purple_utf8_salvage or the like to "fix" it if it was
> not).
Okay, thanks for the explanation. So to be clear, maybe this is helpful
for further testing:
If I write a fuzzing test that
1. prepares input with purple_utf8_salvage
and
2. puts that input through a markup function
then it shouldn't produce any invalid memory access? Thus any input that
would trigger memory safety violations would be considered a bug?
--
Hanno Böck
https://hboeck.de/
mail/jabber: hanno at hboeck.de
GPG: FE73757FA60E4E21B937579FA5880072BBB51E42
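
The two-step test described in the message above, as an added example that is not part of the original mail and is not Pidgin code. salvage_utf8 is a simplified stand-in for purple_utf8_salvage and walk_trusting is a constructed toy target, both assumptions made so the block builds without libpurple; in a real harness the target would wrap purple_markup_linkify and AddressSanitizer would report the violation instead of the -1 return.

```c
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

/* Length of a well-formed UTF-8 sequence at s, or 0 (simplified validator). */
static size_t utf8_seq_len(const unsigned char *s, size_t left) {
    size_t n = s[0] < 0x80 ? 1 : (s[0] >= 0xC2 && s[0] <= 0xDF) ? 2 :
               (s[0] & 0xF0) == 0xE0 ? 3 : (s[0] >= 0xF0 && s[0] <= 0xF4) ? 4 : 0;
    if (n == 0 || n > left) return 0;
    for (size_t i = 1; i < n; i++)
        if ((s[i] & 0xC0) != 0x80) return 0;
    return n;
}

/* Step 1 stand-in (purple_utf8_salvage in a real build): exactly sized,
 * NUL-terminated heap copy with every invalid byte and embedded NUL as '?'. */
char *salvage_utf8(const unsigned char *data, size_t size) {
    char *out = malloc(size + 1);
    if (!out) return NULL;
    for (size_t i = 0; i < size; ) {
        size_t n = data[i] ? utf8_seq_len(data + i, size - i) : 0;
        if (n == 0) { out[i++] = '?'; continue; }
        memcpy(out + i, data + i, n);
        i += n;
    }
    out[size] = '\0';
    return out;
}

/* Constructed toy target: trusts each lead byte, safe only on valid UTF-8.
 * Returns the character count, or -1 if it would step past the terminator. */
long walk_trusting(const char *s) {
    static const unsigned char skip[16] = {1,1,1,1,1,1,1,1,1,1,1,1,2,2,3,4};
    size_t len = strlen(s), i = 0;
    long count = 0;
    for (; i < len; count++)
        i += skip[(unsigned char)s[i] >> 4];
    return i > len ? -1 : count;
}

typedef long (*markup_fn)(const char *);

/* Steps 1 and 2 for one fuzz input; a negative result is a finding. */
long fuzz_one(const unsigned char *data, size_t size, markup_fn target) {
    char *clean = salvage_utf8(data, size);
    long r = clean ? target(clean) : 0;
    free(clean);
    return r;
}
```

The exactly sized heap copy matters for this class of bug: with a larger or stack buffer, a one-byte read past the terminator lands in addressable memory and the sanitizer stays silent.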