Gửi #778638: michaelrsweet mxml 4.0.4 Heap-based Buffer Overflowthông tin

tiêu đềmichaelrsweet mxml 4.0.4 Heap-based Buffer Overflow
Mô tảWhile fuzzing the latest version of mxml using SynFuzz and AddressSanitizer, I discovered a heap-buffer-overflow (specifically, an out-of-bounds read with a negative offset) in the index_sort function within mxml-index.c. The vulnerability is triggered when a specifically malformed XML structure is parsed and subsequently passed to mxmlIndexNew to build an index. During the node sorting phase, an array pointer or index appears to decrement past the starting boundary of the allocated node array, resulting in an 8-byte read before the allocated 128-byte heap region. https://github.com/michaelrsweet/mxml/issues/350
Nguồn⚠️ https://github.com/michaelrsweet/mxml/issues/350
Người dùng
 MTHG (UID 83728)
Đệ trình12/03/2026 13:31 (cách đây 4 các tháng)
Kiểm duyệt27/03/2026 17:23 (15 days later)
Trạng tháiđược chấp nhận
Mục VulDB353963 [mxml đến 4.0.4 mxmlIndexNew mxml-index.c index_sort tempr tràn bộ đệm]
điểm20

Do you want to use VulDB in your project?

Use the official API to access entries easily!