• Dridi Boukelmoune's avatar
    vary: Prevent a buffer overflow in VRY_Validate() · e0cb8d32
    Dridi Boukelmoune authored
    We might read past the end of the workspace when no space was available
    at reservation time. This would normally go unnotticed since we used to
    get zeros after the end of workspace marker, and no assertion would
    trigger. It became visible with the previous commit for pointer-aligned
    workspace sizes like the current page-aligned default values.
    
    Initially caught by wssan from #3320.
    
    Fixes #3319
    e0cb8d32
r03319.vtc 298 Bytes