LogMessageBuffer::vwrite doesn't check os::vsnprintf's return value before casting the return value to size_t and using it for a memory allocation. As os::vsnprintf can return negative values this may cause a wraparound and a massive memory allocation.
-
Johan Sjölen
-
Johan Sjölen
- Votes:
-
0 Vote for this issue
- Watchers:
-
3 Start watching this issue
- Created:
- Updated:
- Resolved: