[vlc-devel] [PATCH] Fix stack overflow in ExecuteCommand
Cheng Sun
chengsun9 at gmail.com
Thu Dec 15 18:14:42 CET 2011
Fix ticket #5675
Because ExecuteCommand allocates temporary string space on the stack,
proportional to the length of the command to execute, a stack overflow can
occur when the the command is too long.
This can be triggered remotely e.g. from the VLC Web interface, by
running this
JavaScript:
sendVLMCmd(Array.prototype.join.call({length:300000},'a'));
which sends a string of length 300000 to ExecuteCommand, crashing VLC.
Patch attached.
- Cheng Sun
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Fix-stack-overflow-in-ExecuteCommand.patch
Type: text/x-patch
Size: 2268 bytes
Desc: not available
URL: <http://mailman.videolan.org/pipermail/vlc-devel/attachments/20111215/4955b86f/attachment.bin>
More information about the vlc-devel
mailing list