mirror of https://github.com/FFmpeg/FFmpeg.git
When the command line for children is created, it is assumed that my_program_name always ends with "ffserver", which doesn't have to be true if ffserver is called through a symbolic link. In such a case, it could be that not enough space for "ffmpeg" is available at the end, leading to a buffer overflow. One example would be: $ ln -s /usr/bin/ffserver ~/f; ~/f As this is only a local buffer overflow, i.e. is based on a weird program call, this has NO security impact. Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>pull/234/merge
parent
fd010406c0
commit
95d9a85ca3
1 changed files with 11 additions and 9 deletions
Loading…
Reference in new issue