]> git.sesse.net Git - ffmpeg/commit
projects / ffmpeg / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 39c1d17) | patch
http: avoid out of bound accesses on broken Set-Cookie headers
authorwm4 <nfxjfg@googlemail.com>
Thu, 8 Mar 2018 03:47:40 +0000 (04:47 +0100)
committerwm4 <nfxjfg@googlemail.com>
Sun, 18 Mar 2018 11:36:24 +0000 (12:36 +0100)
commitc0687acbf6094053834af6a20e9d71b455842c8c
treecbb1929fa71ff08beee62cfd617fd0574bfd83e3tree | snapshot
parent39c1d170a3474a06f4805589d642f605f7ef1436commit | diff
http: avoid out of bound accesses on broken Set-Cookie headers

It's trivial to craft a HTTP response that will make the code for
skipping trailing whitespace access and possibly overwrite bytes outside
of the memory allocation. Why this can happen is blindingly obvious: it
accesses cstr[strlen(cstr)-1] without checking whether the string is
empty.
libavformat/http.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.