wangziqi

icon indicating a website link https://www.tju.edu.cn/

icon company Tianjin University icon location Tianjin icon location Tianjin University in Software engineering

Results 4 issues of wangziqi

LZ4_saveDictHC Crashes on NULL safeBuffer with Non-Zero dictSize Due to Missing Runtime Validation

**Describe the bug** The function LZ4_saveDictHC in lz4hc.c crashes with a segmentation fault (SEGV) when called with safeBuffer = NULL and dictSize > 0. The crash occurs because the function...

Possible Bug in XMLNode::Value()` does not check for null `_value`, leading to crash

1 comment

### 🐞 Bug Report: `XMLNode::Value()` does not check for null `_value`, leading to crash #### 🔤 Summary The `XMLNode::Value()` method in `tinyxml2.cpp` does not perform a null-check on the `_value`...

Possible Bug: Global Buffer Overflow in `tinyxml2::XMLPrinter::PushText(char const*, bool)`

### 🐞 Bug Report: Global Buffer Overflow in `tinyxml2::XMLPrinter::PushText(char const*, bool)` #### 🔤 Summary A **global buffer overflow** vulnerability was identified in the function `tinyxml2::XMLPrinter::PushText(const char*, bool)` located at line...

Posibble Bug: Stack Buffer Underflow in `tinyxml2::XMLPrinter::PrepareForNewNode(bool)`

### 🐞 Bug Report: Stack Buffer Underflow in `tinyxml2::XMLPrinter::PrepareForNewNode(bool)` #### 🔤 Summary A **stack buffer underflow** vulnerability was detected in the function `tinyxml2::XMLPrinter::PrepareForNewNode(bool)` located in `tinyxml2.cpp` at line 2739. The...