Actions
Bug #12352
closedResolve an issue with the Boost spirit grammar implementation for message resource plurals
Start date:
01/24/2024
Due date:
% Done:
0%
Estimated time:
Description
The string that is added as the parameter for WMessageResource::resolvePluralKey, is evaluated by a grammar written with Boost spirit.
This lead to an issue noticed by OSS-Fuzz. While this is not a reasonable attack vector, it can potentially lead to crashes if a developer makes a mistake. While this mistake is likely to be noticed during development, there is a possibility of a typo causing side-effects that should not happen.
The grammar has been made more robust, as to not error out on statements containing unsafe divisions.
Updated by Matthias Van Ceulebroeck 10 months ago
- Status changed from InProgress to Review
- Assignee deleted (
Matthias Van Ceulebroeck)
Updated by Matthias Van Ceulebroeck 10 months ago
- Status changed from Implemented @Emweb to Closed
- Private changed from Yes to No
Updated by Matthias Van Ceulebroeck 10 months ago
- Related to Bug #12374: Resolve an overflow with the Boost spirit grammar implementation for message resource plurals added
Actions