h3-js is vulnerable to Memory Corruption
55
Medium Risk
The gridDisk and gridDiskDistances functions in h3-js derive an output buffer size from the caller-supplied ringSize and pass it directly to the WebAssembly allocator via _calloc without validating the resulting byte length. When ringSize is large, the unchecked allocation corrupts the shared WebAssembly heap, so later valid calls into the module return wrong results or fail. The fix adds a callocArray helper that caps allocations at a maximum byte length and throws E_MEMORY_ALLOC before the unsafe allocation occurs. Regression tests confirm oversized requests no longer break subsequent calls.
You are affected if you are using a version that falls within the vulnerable range and pass an untrusted or unbounded ringSize to gridDisk or gridDiskDistances.
h3-js is vulnerable to Memory Corruption in versions 4.0.0 - 4.4.0.
Upgrade the h3-js library to the patch version.
Connect your repositories to instantly see whether vulnerable or malicious packages exist in your codebase.
Free. No credit card required.

SOC 2Compliant
ISO 27001Compliant