From 0b4251d8010298169fa635519888f0ac3e683542 Mon Sep 17 00:00:00 2001 From: Lauri Nurmi Date: Wed, 29 Oct 2025 16:41:20 +0200 Subject: [PATCH] Fix heap-buffer overflow in MOParser's loadFile: Because buf[translations[i].length] and buf[originals[i].length] are set to '\0', we must reserve one extra byte for the nul; .length is not quite big enough. The issue was detected using Xcode's AddressSanitizer. --- POLocalizedString/MOParser.m | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/POLocalizedString/MOParser.m b/POLocalizedString/MOParser.m index 9a380eb..cf1f3b0 100644 --- a/POLocalizedString/MOParser.m +++ b/POLocalizedString/MOParser.m @@ -119,7 +119,7 @@ + (nullable Gettext *)loadFile:(NSString *)path { } // allocate or reallocate string buffer if necessary - newbufsize = MAX(256, MAX(translations[i].length, originals[i].length)); + newbufsize = MAX(256, MAX(translations[i].length, originals[i].length)) + 1; if(bufsize < newbufsize) { bufsize = newbufsize;