NULL pointer dereference in D4ParserSax2

Description

Reported on GitHub by GwanYeong Kim

Summary

Memory error (invalid write of size 4) in vsnprintf, caused by the percent characters (%) in the XML file (attached). The file was specifically designed to look for memory corruption (fuzzing), whereby security experts look for the bits that cause a particular crash and determine whether they can be exploited.

Specifically,

returns (just including useful portion):

Minimal crash file from GwanYeong Kim <gy741.kim@gmail.com>

Environment

None

Status

Assignee

James Gallagher

Reporter

Uday Kari

Labels

None

Epic Link

Components

Sprint

None

Priority

Medium