BigfootDev/flatbuffers
1
0
Fork 1
mirror of https://github.com/google/flatbuffers.git synced 2026-06-02 04:04:19 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix heap-buffer-overflow if there is a struct within a union

Browse Source 
The validator previously did not check if a struct within a union was
valid, causing a heap buffer overflow.  Add a check to make sure that
the struct is valid in this case.

Change-Id: I87d41b12fdfc2a99406789531ba92b841c063c76
This commit is contained in:
Wouter van Oortmerssen
2019-04-19 11:49:49 -07:00
parent ecd76e898d
commit 5b43e4bbb8
2 changed files with 5 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
src/idl_gen_cpp.cpp
View File

@@ -1213,7 +1213,8 @@ class CppGenerator : public BaseGenerator {
" auto ptr = reinterpret_cast<const {{TYPE}} *>(obj);";
if (ev.union_type.base_type == BASE_TYPE_STRUCT) {
if (ev.union_type.struct_def->fixed) {
code_ += " return true;";
code_ += " return verifier.Verify<{{TYPE}}>(static_cast<const "
"uint8_t *>(obj), 0);";
} else {
code_ += getptr;
code_ += " return verifier.VerifyTable(ptr);";