[XERCESC-2235] DFAContentModel::buildDFA(): correctly zero-initialize fFollowList - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 3.2.3
Fix Version/s: 3.2.4, 4.0.0
Component/s: None
Labels:
None

External issue URL:
https://github.com/apache/xerces-c/pull/45

Description

Due to a copy&paste issue, the intended zero-initialization of
fFollowList wasn't done (copy&paste issue), and thus in case of
OutOfMemory exception when initializing the array, the memory freeing in
cleanup() could access uninitialized elements.

Follow-up of https://github.com/apache/xerces-c/pull/40 / a65990d79d3fc333d7481f010da4e165a88b6cb3

Fixes GDAL's https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=42636

Attachments

Issue Links

links to

GitHub Pull Request #45

Activity

People

Assignee:: Scott Cantor

Reporter:: Even Rouault

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 20/Dec/21 19:17

Updated:: 06/Oct/22 12:46

Resolved:: 06/Oct/22 12:46