Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Poco::Placeholder initialization uses wrong size #4711

Open
obiltschnig opened this issue Sep 26, 2024 · 0 comments
Open

Poco::Placeholder initialization uses wrong size #4711

obiltschnig opened this issue Sep 26, 2024 · 0 comments
Assignees
@obiltschnig
Labels
bug fixed
Milestone
Release 1.14.0

Comments

@obiltschnig
Copy link
Member

While investigating another fuzzing issue failing with an use of uninitialized memory I noticed that the initialization of the holder array with std::memset() in the constructor seems to be wrong.

The constructor uses:

std::memset(holder, 0, sizeof(Placeholder));

whereas the declaration of holder is:

mutable unsigned char holder[SizeV+1]

So, this should be:

std::memset(holder, 0, SizeV+1);

or, maybe even better:

std::memset(holder, 0, sizeof(holder));

The std::memcmp() in isEmpty() correctly uses SizeV+1.

Furthermore, destruct() also uses sizeof(Placeholder) instead of SizeV+1 or sizeof(holder).

cc @aleks-f
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@obiltschnig obiltschnig

Labels
bug fixed
Projects
1.14
Status: Done
Milestone
Release 1.14.0
Development

No branches or pull requests
1 participant
@obiltschnig