out of bounds access in _canonicalize

Description

len can be greater than nameCapacity here:
http://bugs.icu-project.org/trac/browser/icu/trunk/source/common/uloc.cpp#L1808

It also looks possible for len to be zero here and a few lines above.

Activity

Show:
TracBot
July 1, 2018, 12:22 AM
Trac Comment 2 by —2011-12-07T20:26:36.495Z

It's reported against Chrome ( http://crbug.com/106441 ). (sorry I forgot the macro for Chrome bug)

TracBot
July 1, 2018, 12:22 AM
Trac Comment 6 by —2012-08-03T20:31:33.989Z
TracBot
July 1, 2018, 12:22 AM
Trac Comment 7 by —2012-08-03T20:34:39.108Z

Assignee

ibmer@icu-project.org

Reporter

TracBot

Components

Labels

None

Reviewer

None

Priority

assess

Time Needed

None

Fix versions

Configure