| Issue 54: | SRPC Shared Memory Integer Overflow | |
| 3 people starred this issue and may be notified of changes. | Back to list |
Team: Beached As The SRPC Shared Memory implementation contains an integer overflow in the range checking of the write() function, which is callable from javascript. If this method is called with an overly large offset, memory at a negative offset to the allocated shared memory segment can be written to, resulting in memory corruption.
|
|||
,
Mar 25, 2009
(No comment was entered for this change.)
Status: Duplicate
|
|||
 Sign in to add a comment
|
