BigfootDev/flatbuffers
1
0
Fork 1
mirror of https://github.com/google/flatbuffers.git synced 2026-06-07 13:53:38 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add size check to fix out of bounds read risk (#7304)

Browse Source
This commit is contained in:
Björn Harrtell
2022-05-14 00:15:00 +02:00
committed by GitHub
parent 12917af8a2
commit 74a25536be
1 changed files with 4 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
include/flatbuffers/verifier.h
View File

@@ -164,10 +164,11 @@ class Verifier FLATBUFFERS_FINAL_CLASS {
// gives the result we want.
auto vtableo = tableo - static_cast<size_t>(ReadScalar<soffset_t>(table));
// Check the vtable size field, then check vtable fits in its entirety.
return VerifyComplexity() && Verify<voffset_t>(vtableo) &&
if (!( VerifyComplexity() && Verify<voffset_t>(vtableo) &&
VerifyAlignment(ReadScalar<voffset_t>(buf_ + vtableo),
sizeof(voffset_t)) &&
Verify(vtableo, ReadScalar<voffset_t>(buf_ + vtableo));
sizeof(voffset_t)))) return false;
auto vsize = ReadScalar<voffset_t>(buf_ + vtableo);
return Check((vsize & 1) == 0) && Verify(vtableo, vsize);
}
template<typename T>