Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2021-28874: LibTextCodec: Make UTF16BEDecoder read only up to an even offset · SerenityOS/serenity@c9f25bc

SerenityOS fixed as of c9f25bca048443e317f1994ba9b106f2386688c3 contains a buffer overflow vulnerability in LibTextCode through opening a crafted file.

CVE
Open in Source
#vulnerability#git#buffer_overflow#auth

Skip to content

Sign up

    • Actions

      Automate any workflow

    • Packages

      Host and manage packages

    • Security

      Find and fix vulnerabilities

    • Codespaces

      Instant dev environments

    • Copilot

      Write better code with AI

    • Code review

      Manage code changes

    • Issues

      Plan and track work

    • Discussions

      Collaborate outside of code

*   Explore
*   All features
*   Documentation
*   GitHub Skills
*   Blog

    • For

    • Enterprise

    • Teams

    • Startups

    • Education

    • By Solution

    • CI/CD & Automation

    • DevOps

    • DevSecOps

    • Case Studies

    • Customer Stories

    • Resources

    • GitHub Sponsors

      Fund open source developers

*   The ReadME Project
    
    GitHub community articles
    

*   Repositories
*   Topics
*   Trending
*   Collections

  • Pricing

  • In this repository All GitHub

  • No suggested jump to results

  • In this repository All GitHub

  • In this organization All GitHub

  • In this repository All GitHub

Sign in

Sign up

SerenityOS / serenity Public

  • Notifications
  • Fork 2.5k
  • Star 23.2k
  • Code
  • Issues 535
  • Pull requests 112
  • Actions
  • Security
  • Insights

More

Permalink

Browse files

LibTextCodec: Make UTF16BEDecoder read only up to an even offset

Reading up to the end of the input string of odd length results in an out-of-bounds read

  • Loading branch information

IdanHo authored and awesomekling committed

Mar 15, 2021

1 parent 7156b61 commit c9f25bca048443e317f1994ba9b106f2386688c3

Showing 1 changed file with 2 additions and 1 deletion.

3 Userland/Libraries/LibTextCodec/Decoder.cpp

Show comments View file

@@ -183,7 +183,8 @@ String UTF8Decoder::to_utf8(const StringView& input)

String UTF16BEDecoder::to_utf8(const StringView& input)

{

StringBuilder builder(input.length() / 2);

for (size_t i = 0; i < input.length(); i += 2) {

size_t utf16_length = input.length() - (input.length() % 2);

for (size_t i = 0; i < utf16_length; i += 2) {

u16 code_point = (input[i] << 8) | input[i + 1];

builder.append_code_point(code_point);

}

0 comments on commit c9f25bc

Please sign in to comment.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE