Details
-
Bug
-
Resolution: Unresolved
-
Major
-
4.0.0
-
Security Level: Public
-
None
-
Untriaged
-
Centos 64-bit
-
Unknown
Description
we allow user to supply pre-allocated fdb_doc struct for fdb_iterator_get call. However, there is no validation is the document being scanned in the HB+-trie is smaller or equal in length as the user supplied fdb_doc. This can result in buffer overflows leading to crash.