Description: libcroco is a Generic Cascading Style Sheet (CSS) parsing and manipulation toolkit. A fuzz on it discovered and heap overflow and an undefined behavior. The complete ASan output: # csslint-0.6 $FILE ==9246==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60400000007a at pc … Continue reading libcroco: heap overflow and undefined behavior