oss-sec mailing list archives

CVE request: pyfribidi buffer overflow flaw

From: Vincent Danen <vdanen () redhat com>
Date: Wed, 14 Mar 2012 09:24:47 -0600

Could a CVE be assigned for this issue please?  I don't think it's come
through here yet.

A buffer overflow flaw was reported in pyfribidi's
fribidi_utf8_to_unicode() function, due to it handling at most 3 bytes
for a single unicode character.  If a 4-byte utf-8 sequence was
supplied, it would generate 2 unicode characters which would overflow
the logical buffer.  This has been fixed in pyfribidi 0.11.

References:

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=663189
https://github.com/pediapress/pyfribidi/issues/2
https://github.com/pediapress/pyfribidi/commit/d2860c655357975e7b32d84e6b45e98f0dcecd7a
http://www.securityfocus.com/bid/52451/info
https://bugzilla.redhat.com/show_bug.cgi?id=801896

--

Vincent Danen / Red Hat Security Response Team

Current thread:

CVE request: pyfribidi buffer overflow flaw Vincent Danen (Mar 14)
- Re: CVE request: pyfribidi buffer overflow flaw Kurt Seifried (Mar 14)