Mercurial > hg
diff hgweb.cgi @ 34030:e97be042fa1b
encoding: check overflow while calculating size of JSON escape buffer
The minimum input size to exploit is ~682MB (= INT_MAX / len('\\u0000') * 2)
on 32bit system, which isn't easy to achieve using Python str in 2GB process
address space, but probably doable.
author | Yuya Nishihara <yuya@tcha.org> |
---|---|
date | Thu, 31 Aug 2017 21:56:40 +0900 |
parents | 4b0fc75f9403 |
children | 47ef023d0165 |