search

kjdev / hoextdown

Hoextdown is an extension to Hoedown
MIT License
23 stars 15 forks source link

Fix a number of potential 1-byte buffer over-reads. #45

Closed Sjlver closed 6 years ago

Sjlver commented 6 years ago

This patch addresses cases where the parser could read values at data[size]. I'm assuming this is forbidden. However, if data is terminated by a null byte this would be OK; I don't know how data is terminated.

codecov-io commented 6 years ago

Codecov Report

Merging #45 into master will decrease coverage by 0.07%. The diff coverage is 0%.

Impacted file tree graph

@@            Coverage Diff             @@
##           master      #45      +/-   ##
==========================================
- Coverage    61.9%   61.83%   -0.08%     
==========================================
  Files          14       14              
  Lines        3447     3448       +1     
  Branches     1055     1056       +1     
==========================================
- Hits         2134     2132       -2     
  Misses        788      788              
- Partials      525      528       +3
Impacted Files Coverage Δ
src/document.c 70.74% <0%> (-0.15%) :arrow_down:

Continue to review full report at Codecov.

Legend - Click here to learn more Δ = absolute <relative> (impact), ø = not affected, ? = missing data Powered by Codecov. Last update c1326e3...0c11d43. Read the comment docs.

kjdev commented 6 years ago

Thanks.