Skip to content
Commit 08ab2774 authored by Nick Wellnhofer's avatar Nick Wellnhofer
Browse files

Check for integer overflow in xsltAddTextString 

Limit buffer size in xsltAddTextString to INT_MAX. The issue can be
exploited to trigger an out of bounds write on 64-bit systems.

Originally reported to Chromium:

https://crbug.com/676623
parent 8ee72e49
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment