[vlc-devel] [PATCH] Fix stack overflow in ExecuteCommand
Cheng Sun
cheng.sun at ymail.com
Thu Dec 15 18:49:13 CET 2011
Previous patch forgot to modify an assert.
- Cheng
On 15/12/11 17:14, Cheng Sun wrote:
> Fix ticket #5675
>
> Because ExecuteCommand allocates temporary string space on the stack,
> proportional to the length of the command to execute, a stack overflow can
> occur when the the command is too long.
>
> This can be triggered remotely e.g. from the VLC Web interface, by
> running this
> JavaScript:
>
> sendVLMCmd(Array.prototype.join.call({length:300000},'a'));
>
> which sends a string of length 300000 to ExecuteCommand, crashing VLC.
>
> Patch attached.
>
>
> - Cheng Sun
> _______________________________________________
> vlc-devel mailing list
> To unsubscribe or modify your subscription options:
> http://mailman.videolan.org/listinfo/vlc-devel
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Fix-stack-overflow-in-ExecuteCommand.patch
Type: text/x-patch
Size: 2252 bytes
Desc: not available
URL: <http://mailman.videolan.org/pipermail/vlc-devel/attachments/20111215/de898cb1/attachment.bin>
More information about the vlc-devel
mailing list