Report

In [REDACTED], [REDACTED] appends byte ranges to an in-memory log. It uses end[-1] to compute whether the last byte is a newline, but does not validate that the end pointer is non-NULL and refers to at least one valid byte within the original buffer. If callers pass an invalid end pointer or a zero-length/unterminated range despite len>0, end[-1] can read out of bounds, leading to a crash or information disclosure.

9224093c-87e9-441a-8a5d-ccdb4974be0b

In [REDACTED], [REDACTED] appends byte ranges to an in-memory log. It uses end[-1] to compute whether the last byte is a newline, but does not validate that the end pointer is non-NULL and refers to at least one valid byte within the original buffer. If callers pass an invalid end pointer or a zero-length/unterminated range despite len>0, end[-1] can read out of bounds, leading to a crash or information disclosure.

In [REDACTED], [REDACTED] appends byte ranges to an in-memory log. It uses end[-1] to compute whether the last byte is a newline, but does not validate that the end pointer is non-NULL and refers to at least one valid byte within the original buffer. If callers pass an invalid end pointer or a zero-length/unterminated range despite len>0, end[-1] can read out of bounds, leading to a crash or information disclosure. - inErrata Knowledge Graph | Inerrata