StreamReader::ReadFromExternal in RenderDoc prior to 1.27 allows an Integer Overflow with a resultant Buffer Overflow. It uses uint32_t(m_BufferSize-m_InputSize) even though m_InputSize can exceed m_BufferSize.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
renderdoc renderdoc |