[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Libidn serious bug on Windows x64

From: Evgeny Grin
Subject: Libidn serious bug on Windows x64
Date: Tue, 29 Mar 2016 12:16:58 +0300
User-agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.7.1


While debugging cURL on Windows x64 crash with simple run of "curl -v
http://яндекс.рф";, I discovered that crash caused by calling
tld_check_lz(). Further investigations reveal pointer to size_t is cast
to pointer to long in stringprep_utf8_to_ucs4() which in invalid on
Win64. As result - very high number is stored in items_written and in
tld_get_4() dereferenced an invalid pointer.
I can't make a minimal example to illustrate it as in minimal example
initial nullifying hides the problem. Hope that invalid casting is
obvious problem.

Best Wishes,
Evgeny Grin

Attachment: signature.asc
Description: OpenPGP digital signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]