silverf0x / RpcView

RpcView is a free tool to explore and decompile Microsoft RPC interfaces
GNU General Public License v3.0

RpcCore/RpcCore.c RpcCoreInit, out of bounds read #25

Closed hfiref0x closed 5 years ago

hfiref0x commented 5 years ago

There is a potential memory access outside an array in RpcCoreInit function.

https://github.com/silverf0x/RpcView/blob/c108da277be48accb3c6aaeb4af752a2028069bf/RpcCore/RpcCore.c#L292

while "i" is supposedly an array element iterator, the iteration count is set to

sizeof(RPC_CORE_RUNTIME_VERSION)

where RPC_CORE_RUNTIME_VERSION is an array of UINT64 type.

With sizeof(RPC_CORE_RUNTIME_VERSION), the number of iterations could be 320 (as per commit 54b08a8) while the actual array contains only 40 elements.
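The defect pattern described above, as an added illustration that is not RpcView's code: a table of 40 `uint64_t` entries (constructed placeholder values, not the real RPC_CORE_RUNTIME_VERSION contents) where `sizeof(table)` yields the byte size (320 on a platform with 8-byte `uint64_t`) rather than the element count (40). The block contrasts the two loop bounds and shows a bounds-checked scan that refuses a caller-supplied bound larger than the element count, which is the check that would have prevented the read past the end. All function and macro names here are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed stand-in for a table of runtime versions: 40 entries of
   uint64_t. Only the first three hold distinct placeholder values; the
   rest are zero. This is not the real RpcView table. */
#define VERSION_TABLE_LEN 40
static const uint64_t g_version_table[VERSION_TABLE_LEN] = {
    0x0601, 0x0602, 0x0A00
};

/* Element count of a statically sized array (equivalent in intent to
   Windows' _countof / ARRAYSIZE). */
#define ARRAY_COUNT(a) (sizeof(a) / sizeof((a)[0]))

/* The bound the issue describes: sizeof(array) used directly as the
   iteration count. Returns the number of loop iterations that would run. */
size_t iterations_using_sizeof(void)
{
    return sizeof(g_version_table);          /* bytes, not elements: 320 */
}

/* The corrected bound: bytes divided by element size. */
size_t iterations_using_count(void)
{
    return ARRAY_COUNT(g_version_table);     /* elements: 40 */
}

/* Scan the table for `needle` using a caller-supplied bound.
   Returns the matching index, -1 if not found, or -2 if the bound exceeds
   the element count (the condition under which the original loop would
   read past the end of the array). */
int find_version(uint64_t needle, size_t bound)
{
    if (bound > ARRAY_COUNT(g_version_table)) {
        return -2;                           /* refuse an out-of-range bound */
    }
    for (size_t i = 0; i < bound; i++) {
        if (g_version_table[i] == needle) {
            return (int)i;
        }
    }
    return -1;
}

int main(void)
{
    printf("sizeof bound : %zu iterations\n", iterations_using_sizeof());
    printf("count bound  : %zu iterations\n", iterations_using_count());
    printf("find 0x0A00 with element-count bound: %d\n",
           find_version(0x0A00, iterations_using_count()));
    printf("find 0x0A00 with sizeof bound       : %d\n",
           find_version(0x0A00, iterations_using_sizeof()));
    return 0;
}
```

The difference is only visible when the scan does not terminate early: if the needle is found within the first 40 entries the two bounds behave identically, which is why a bug like this can sit unnoticed until an unmatched version value is encountered.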