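An issue was discovered in Oniguruma 6.x before 6.9.4rc2. In the function gb18030_mbc_enc_len in the file gb18030.c, a UChar pointer is dereferenced without checking whether it has passed the end of the matched string. This leads to a heap-based buffer over-read. Note that both signatures below target harnesses/encode-harness.c (one of them the function LLVMFuzzerTestOneInput) rather than gb18030.c, so a match indicates the harness code touched by the referenced commit, not the presence of the vulnerable function itself.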
{ "vanir_signatures": [ { "signature_version": "v1", "deprecated": false, "digest": { "threshold": 0.9, "line_hashes": [ "18679750778586343771741350755993589288", "103368106136942227172244566078932066273", "257727887412231991059145261695986113402", "99731926145027407046045989165921264745", "173237864390474915165548571384207574271", "290228417168798604629944627181754726158", "215947174697766211659352546659917433609", "174440583955296606380940663435750254051", "250394807291303202205505094138654332177" ] }, "id": "CVE-2019-19203-563c27e4", "source": "https://github.com/kkos/oniguruma/commit/681824e81bb5fc9bbd4dfbe7a07135337129537e", "signature_type": "Line", "target": { "file": "harnesses/encode-harness.c" } }, { "signature_version": "v1", "deprecated": false, "digest": { "length": 2816.0, "function_hash": "267334844810435515714121622196231420596" }, "id": "CVE-2019-19203-718d8559", "source": "https://github.com/kkos/oniguruma/commit/681824e81bb5fc9bbd4dfbe7a07135337129537e", "signature_type": "Function", "target": { "function": "LLVMFuzzerTestOneInput", "file": "harnesses/encode-harness.c" } } ] }