[vlc-devel] CVE-2019-13602 Heap Based Buffer Overflow Vulnerability
Rémi Denis-Courmont
remi at remlab.net
Tue Jul 16 19:04:14 CEST 2019
Le tiistaina 16. heinäkuuta 2019, 19.58.57 EEST Francois Cartegnie a écrit :
> Le 16/07/2019 à 18:37, Rémi Denis-Courmont a écrit :
> > Also smart asses will note that block_Alloc() always adds a margin of
> > 32-bytes at the end of the block buffer. So, in general, the worse
> > outcome of a read "overflow" of 4 bytes is leakage of memory content. And
> > in this specific case, literally nothing will happen other than the code
> > being ugly.
>
> So you're not the one to disagree to use block_t here ?
Your obvious trolling has been reported.
Also plonk.
--
Реми Дёни-Курмон
http://www.remlab.net/
More information about the vlc-devel
mailing list