Submeter #778638: michaelrsweet mxml 4.0.4 Heap-based Buffer Overflowinformação

Títulomichaelrsweet mxml 4.0.4 Heap-based Buffer Overflow
DescriçãoWhile fuzzing the latest version of mxml using SynFuzz and AddressSanitizer, I discovered a heap-buffer-overflow (specifically, an out-of-bounds read with a negative offset) in the index_sort function within mxml-index.c. The vulnerability is triggered when a specifically malformed XML structure is parsed and subsequently passed to mxmlIndexNew to build an index. During the node sorting phase, an array pointer or index appears to decrement past the starting boundary of the allocated node array, resulting in an 8-byte read before the allocated 128-byte heap region. https://github.com/michaelrsweet/mxml/issues/350
Fonte⚠️ https://github.com/michaelrsweet/mxml/issues/350
Utilizador
 MTHG (UID 83728)
Submissão12/03/2026 13h31 (há 17 dias)
Moderação27/03/2026 17h23 (15 days later)
EstadoAceite
Entrada VulDB353963 [mxml até 4.0.4 mxmlIndexNew mxml-index.c index_sort tempr Excesso de tampão]
Pontos20

VoltarVisão GeralPróximo

Want to stay up to date on a daily basis?

Enable the mail alert feature now!