Package: libhangul
Version: 0.0.4-2

There are numerous calls to malloc in this library which are not checked. malloc is always able to return 0 and the library should be prepared to cope with this.

Furthermore, there are quite a few places with constructions of this form:

    combination->table = malloc(sizeof(HangulCombinationItem) * n);

This is susceptible to an integer multiply overflow bug if n is large. In particular, if an untrusted caller can cause n to be large enough to overflow the multiplication then this will usually result in a security vulnerability. I don't think this is true in this library because all of the hangul data, and even the input configuration, is supposed to be trustworthy. But it should still be fixed.

Regards,
Ian.
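
An added example, not part of the original report and not libhangul's own code, of an allocation that checks both the multiplication and the malloc result. `Item` is a hypothetical stand-in for HangulCombinationItem, and `Combination`, `unchecked_bytes`, `alloc_array` and `combination_alloc_table` are names assumed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical stand-in for HangulCombinationItem (real layout not shown). */
typedef struct { uint32_t key; uint32_t code; } Item;
typedef struct { size_t size; Item *table; } Combination;

/* What the unchecked expression computes: the product wraps modulo SIZE_MAX+1. */
static size_t unchecked_bytes(size_t n)
{
    return sizeof(Item) * n;
}

/* Allocate nmemb elements of elem_size bytes; NULL on overflow or malloc failure. */
static void *alloc_array(size_t nmemb, size_t elem_size)
{
    if (elem_size != 0 && nmemb > SIZE_MAX / elem_size)
        return NULL;                 /* nmemb * elem_size would wrap */
    return malloc(nmemb * elem_size);
}

/* Returns 1 on success, 0 on failure; on failure the table is left empty. */
static int combination_alloc_table(Combination *c, size_t n)
{
    c->table = NULL;
    c->size = 0;
    if (n == 0)
        return 1;                    /* empty table, nothing to allocate */
    c->table = alloc_array(n, sizeof(Item));
    if (c->table == NULL)
        return 0;                    /* caller must handle the failure */
    c->size = n;
    return 1;
}

int main(void)
{
    Combination c;
    size_t huge = SIZE_MAX / sizeof(Item) + 1;   /* constructed oversized count */

    printf("unchecked request: %zu bytes for %zu items\n", unchecked_bytes(huge), huge);
    printf("checked, huge n: %d\n", combination_alloc_table(&c, huge));
    printf("checked, n = 4: %d\n", combination_alloc_table(&c, 4));
    free(c.table);
    return 0;
}
```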