Closed
Bug 1256968
Opened 9 years ago
Closed 9 years ago
hunspell: heap-buffer-overflow write in [@u16_u8]
Categories
(Core :: Spelling checker, defect)
Core
Spelling checker
Tracking
()
RESOLVED
FIXED
mozilla49
People
(Reporter: tsmith, Unassigned)
References
Details
(4 keywords, Whiteboard: [adv-main47+][adv-esr45.2+][post-critsmash-triage])
Attachments
(2 files)
Found in hunspell revision ded5b4c62c37084d216154e02e4d5e6efbd3ccfa To reproduce: run ./src/tools/example tests/base_utf.aff tests/base_utf.dic test_case.txt ==3129==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7f90fe400380 at pc 0x00000057f5c2 bp 0x7ffd8da31a20 sp 0x7ffd8da31a18 WRITE of size 1 at 0x7f90fe400380 thread T0 ...
Reporter | ||
Comment 1•9 years ago
|
||
Comment 2•9 years ago
|
||
git master now passes this test under asan
Comment 3•9 years ago
|
||
Tyson, can we figure out how to update this so we get this fix? Thanks.
Flags: needinfo?(twsmith)
Comment 5•9 years ago
|
||
Should be fixed on trunk by bug 1257902.
Status: NEW → RESOLVED
Closed: 9 years ago
status-firefox49:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla49
Updated•9 years ago
|
Group: dom-core-security → core-security-release
Comment 6•8 years ago
|
||
[Tracking Requested - why for this release]:
status-firefox46:
--- → wontfix
status-firefox47:
--- → fixed
status-firefox48:
--- → fixed
status-firefox-esr38:
--- → wontfix
status-firefox-esr45:
--- → fixed
tracking-firefox-esr45:
--- → 47+
Depends on: 1269941
Updated•8 years ago
|
Whiteboard: [adv-main47+][adv-esr45.2+]
Updated•8 years ago
|
Whiteboard: [adv-main47+][adv-esr45.2+] → [adv-main47+][adv-esr45.2+][post-critsmash-triage]
Updated•8 years ago
|
Group: core-security-release
You need to log in
before you can comment on or make changes to this bug.
Description
•