Fix minimum bufsize problem

Open bhollemb opened this issue 9 years ago • 0 comments

If the upper bound of the buffer size is less than sizeof(dword), memory corruption will occur and cause crashes in DIBF. It appears to be related to the following line, but this assumption may occur elsewhere as well.

"if(position<ioStore[ioctlIndex].dwUpperSize-sizeof(DWORD)) {" https://github.com/iSECPartners/DIBF/blob/master/dibf/FuzzingProvider.cpp#L91

bhollemb, Sep 26 '16 23:09
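The arithmetic behind the quoted comparison, as an added example that is not DIBF's code and not part of the original issue: subtracting `sizeof(DWORD)` from an unsigned upper size smaller than 4 wraps to a very large value, so the bounds check passes for any position. The `DWORD` typedef and the function names `fits_unchecked` and `fits_checked` are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumption: stand-in for the Windows DWORD (32-bit unsigned). */
typedef uint32_t DWORD;

/* Same shape as the quoted comparison. The subtraction is unsigned, so an
 * upper size below sizeof(DWORD) wraps around instead of going negative,
 * and every position compares as "in range". */
static int fits_unchecked(size_t position, DWORD upper_size)
{
    return position < upper_size - sizeof(DWORD);
}

/* Guarded form: reject buffers too small to hold a DWORD first, then apply
 * the same comparison, which can no longer wrap. */
static int fits_checked(size_t position, DWORD upper_size)
{
    if (upper_size < sizeof(DWORD))
        return 0;
    return position < upper_size - sizeof(DWORD);
}

int main(void)
{
    /* Constructed sample sizes: 2 is below sizeof(DWORD), 8 is above it. */
    const DWORD sizes[] = { 2, 8 };
    const size_t positions[] = { 0, 3, 100 };

    for (size_t i = 0; i < sizeof sizes / sizeof sizes[0]; i++)
        for (size_t j = 0; j < sizeof positions / sizeof positions[0]; j++)
            printf("upper=%u pos=%zu unchecked=%d checked=%d\n",
                   (unsigned)sizes[i], positions[j],
                   fits_unchecked(positions[j], sizes[i]),
                   fits_checked(positions[j], sizes[i]));
    return 0;
}
```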