String::createDynamic has a memory overwrite

VERIFIED INVALID

Status

Tamarin
Virtual Machine
VERIFIED INVALID
8 years ago
7 years ago

People

(Reporter: Tommy Reilly, Unassigned)

Tracking

Details

(Reporter)

Description

8 years ago
Just in debug builds, so don't get excited. It writes 0 to buffer[len] but only allocated len.   The new debug page allocator crashes on this write, its a beautiful thing!
(Reporter)

Comment 1

8 years ago
False alarm this code uses GC::Size to check that the overwrite is safe, that it was crashing in the page guard allocator was a bug in the page guard allocator.
Status: NEW → RESOLVED
Last Resolved: 8 years ago
Resolution: --- → INVALID

Comment 2

7 years ago
bulk verifying resolved !fixed issues
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.