[vlc-commits] modules/access/live555.cpp: Fix crash parsing H264 config
Will Newton
git at videolan.org
Thu Mar 28 18:20:27 CET 2019
vlc | branch: master | Will Newton <will.newton at gmail.com> | Tue Mar 19 22:59:34 2019 +0000| [6dee6325ec2cb5d01c9a5247d443109b6aaaeb8c] | committer: Rémi Denis-Courmont
modules/access/live555.cpp: Fix crash parsing H264 config
The buffer allocated for parsing the H264 config string is not
sufficient, causing a possible heap overflow. Size the buffer
more accurately to prevent this happening.
Signed-off-by: Rémi Denis-Courmont <remi at remlab.net>
> http://git.videolan.org/gitweb.cgi/vlc.git/?a=commit;h=6dee6325ec2cb5d01c9a5247d443109b6aaaeb8c
---
modules/access/live555.cpp | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/modules/access/live555.cpp b/modules/access/live555.cpp
index 364b638d0c..9d6e01ae32 100644
--- a/modules/access/live555.cpp
+++ b/modules/access/live555.cpp
@@ -2348,7 +2348,7 @@ static unsigned char* parseH264ConfigStr( char const* configStr,
}
}
- size_t configMax = 5*strlen(dup);
+ size_t configMax = 4*i_records+strlen(configStr);
unsigned char *cfg = new unsigned char[configMax];
psz = dup;
for( size_t i = 0; i < i_records; ++i )
More information about the vlc-commits
mailing list