cn-cbor icon indicating copy to clipboard operation
cn-cbor copied to clipboard
verified publisher icon cabo

Look out for size-based calculations that break on integer overflow

Open cabo opened this issue 11 years ago • 0 comments

e.g., (ws->offset + (sz) >= ws->size) (in ensure_writable) This is unlikely to occur in normal practice, but could be used in an attack.

cabo avatar Apr 03 '15 11:04 cabo