[vlc-devel] [PATCH] Fix stack overflow in ExecuteCommand

Cheng Sun chengsun9 at gmail.com
Thu Dec 15 18:14:42 CET 2011

Fix ticket #5675

Because ExecuteCommand allocates temporary string space on the stack,
proportional to the length of the command to execute, a stack overflow can
occur when the the command is too long.

This can be triggered remotely e.g. from the VLC Web interface, by
running this


which sends a string of length 300000 to ExecuteCommand, crashing VLC.

Patch attached.

- Cheng Sun
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Fix-stack-overflow-in-ExecuteCommand.patch
Type: text/x-patch
Size: 2268 bytes
Desc: not available
URL: <http://mailman.videolan.org/pipermail/vlc-devel/attachments/20111215/4955b86f/attachment.bin>

More information about the vlc-devel mailing list