Security context

What an agent needs to avoid regressing past fixes and find the next vuln in this repo.

leethomason/tinyxml2
master @ 8224e42
4
Fixes
0
CVEs
HIGH
Peak severity
Highlights
Integer Overflow: 3 prior fixes. Scrutinize any change in this area.
tinyxml2.cpp: most-fixed (3 issues). Treat as high-risk during review.
2 high-severity fixes in this history; regressions here are high-impact.
Recurring patterns

The bug types that recur here, drawn from past fixes, not open vulnerabilities.

Integer Overflow: Extremely large decimal or hexadecimal character references can bypass code-point validation due to integer wrap-around inside ConvertUTF32ToUTF8, leading to out-of-bounds writing or memory safety issues.
Memory Corruption: Failure to safely validate document/file sizes during memory allocation (such as using 32-bit signed types instead of 64-bit unsigned types) can lead to heap buffer overflows during allocation.
Integer Overflow: Returning 'int' for size methods like CStrSize can trigger signed truncation and sign-extension bugs on documents larger than 2GB, resulting in potential buffer miscalculations.