PHP (IBB): Heap overflow in utf32be_mbc_to_code

2019-01-07T20:15:56
ID H1:476168
Type hackerone
Reporter haquaman
Modified 2020-11-09T01:48:51

Description

https://bugs.php.net/bug.php?id=77418

Buffer overflow in mbc_to_code functions for UTF32BE, UTF32LE, UTF16BE, and UTF16LE due to incorrect length assumptions of a buffer. Provided a patch that was adapted to check the length of the buffer prior to using it.

Impact

Memory leakage and/or corruption