New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Buffer out of bounds access through pointer in rapidxml [ASAN] #443

Open

stevetranby opened this issue May 19, 2022 · 1 comment

stevetranby commented May 19, 2022 •

edited

Loading

I'm not sure if there's an issue for this, but the check if beyond end of string should be tested before dereferencing the pointer to the buffer.

cocos2d-x-3rd-party-libs-bin/rapidxml/rapidxml.hpp

Line 1424 in 14040db

if (*text == 0 || text >= endptr_)

e.g. (should check if gone past end first, otherwise check if it points to a null terminator \0 character):

//if (*text == 0 || text >= endptr_)
if (text >= endptr_ || *text == 0)
                    break;

The text was updated successfully, but these errors were encountered:

dumganhar commented May 20, 2022

Yep, I think it should check whether the text pointer is valid first. Otherwise, it will read an invalid byte.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment