mirror of
https://github.com/google/flatbuffers.git
synced 2026-06-01 19:58:15 +00:00
VerifyKey() returns true on the first non-zero byte instead of checking for a null terminator. This causes VerifyBuffer() to accept FlexBuffers with non-null-terminated keys. Subsequent access to those keys via strlen()/strcmp() reads out of bounds. The condition if (*p++) should be if (!*p++) — return true when a null terminator is found, not when any non-zero byte is found. Confirmed with AddressSanitizer: heap-buffer-overflow in strlen() after VerifyBuffer() returns true on a corrupted buffer.
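To make the bounds-check logic concrete, here is an added example (not flatbuffers' own code) that models a FlexBuffers key verifier in simplified form: the buggy check that returns on the first non-zero byte is placed beside the corrected check that only returns true when a null terminator is found inside the buffer. The names BufferView, VerifyKeyBuggy, VerifyKeyFixed and BoundedKeyLength are assumptions for this illustration, and the sample buffer is constructed so that its second key runs to the end of the buffer without a terminator.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>

// Simplified model of a verifier's view of a buffer (assumption: the real
// flexbuffers::Verifier tracks more state; only [buf, buf + size) matters here).
struct BufferView {
  const uint8_t *buf;
  size_t size;
};

// Buggy form of the key check: returns true as soon as a non-zero byte is
// seen, so a key that reaches the end of the buffer without a terminator is
// accepted and later strlen()/strcmp() calls read past the buffer.
static bool VerifyKeyBuggy(const BufferView &v, size_t offset) {
  if (offset > v.size) return false;
  const uint8_t *p = v.buf + offset;
  const uint8_t *end = v.buf + v.size;
  while (p < end) {
    if (*p++) return true;  // wrong: any non-zero byte "passes" the key
  }
  return false;
}

// Fixed form: a null terminator found inside the bounds is the only proof
// that C-string functions may safely be used on the key.
static bool VerifyKeyFixed(const BufferView &v, size_t offset) {
  if (offset > v.size) return false;
  const uint8_t *p = v.buf + offset;
  const uint8_t *end = v.buf + v.size;
  while (p < end) {
    if (!*p++) return true;  // terminator inside bounds: key is safe
  }
  return false;              // ran off the end: reject the whole buffer
}

// Bounded length of a key: scans at most to the end of the buffer, so it
// never reads out of bounds even if called on an unterminated key.
static size_t BoundedKeyLength(const BufferView &v, size_t offset) {
  size_t n = 0;
  while (offset + n < v.size && v.buf[offset + n] != 0) n++;
  return n;
}

// Constructed sample: key "abc" at offset 0 is terminated; key "xyz" at
// offset 4 runs to the end of the buffer with no terminator.
static const uint8_t kSample[] = {'a', 'b', 'c', 0, 'x', 'y', 'z'};

static BufferView SampleView() { return BufferView{kSample, sizeof(kSample)}; }

int main() {
  BufferView v = SampleView();
  const size_t offsets[] = {0, 4};
  for (size_t off : offsets) {
    std::printf("key at offset %zu: buggy=%d fixed=%d bounded_len=%zu\n", off,
                VerifyKeyBuggy(v, off), VerifyKeyFixed(v, off),
                BoundedKeyLength(v, off));
  }
  return 0;
}
```

Running this shows the two checks agreeing on the terminated key at offset 0 and disagreeing on the unterminated key at offset 4: the buggy check accepts it, the fixed check rejects the buffer. The bounded length helper is the kind of accessor a defender can use while the fix is deployed, since it caps the scan at the buffer size instead of trusting the verifier's verdict.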