summaryrefslogtreecommitdiffstats
path: root/libziparchive/zip_archive_test.cc
diff options
context:
space:
mode:
authorAdam Vartanian <flooey@google.com>2017-08-14 15:51:29 +0100
committerIvan Kutepov <its.kutepov@gmail.com>2017-11-10 19:20:14 +0300
commite476920fb9015fe75c534bf9bac2190cad67c175 (patch)
treee2d2be7a0198d58420f8a4afd8b675d31b91197b /libziparchive/zip_archive_test.cc
parent4f84775fef93119cb80be7bd93b6bfaf8c02b192 (diff)
downloadsystem_core-e476920fb9015fe75c534bf9bac2190cad67c175.tar.gz
system_core-e476920fb9015fe75c534bf9bac2190cad67c175.tar.bz2
system_core-e476920fb9015fe75c534bf9bac2190cad67c175.zip
Fix integer overflow in utf{16,32}_to_utf8_length
Without an explicit check, the return value can wrap around and return a value that is far too small to hold the data from the resulting conversion. No CTS test is provided because it would need to allocate at least SSIZE_MAX / 2 bytes of UTF-16 data, which is unreasonable on 64-bit devices. Bug: 37723026 Test: run cts -p android.security Change-Id: I56ba5e31657633b7f33685dd8839d4b3b998e586 CVE-2017-0841
Diffstat (limited to 'libziparchive/zip_archive_test.cc')
0 files changed, 0 insertions, 0 deletions
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-27 20:07:41 +0000