Chiebot-Mirror
/
FFmpeg
mirror of https://github.com/FFmpeg/FFmpeg.git
8
0
Fork 0
Code Issues Projects Releases Wiki Activity

http: avoid out of bound accesses on broken Set-Cookie headers

Browse Source 
It's trivial to craft a HTTP response that will make the code for
skipping trailing whitespace access and possibly overwrite bytes outside
of the memory allocation. Why this can happen is blindingly obvious: it
accesses cstr[strlen(cstr)-1] without checking whether the string is
empty.
pull/283/head
wm4 7 years ago
parent 39c1d170a3
commit c0687acbf6
1 changed files with 3 additions and 0 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 3
      libavformat/http.c

3
libavformat/http.c
Unescape View File

@ -750,6 +750,9 @@ static int parse_set_cookie(const char *set_cookie, AVDictionary **dict)
{
char *param, *next_param, *cstr, *back;
if (!set_cookie[0])
return 0;
if (!(cstr = av_strdup(set_cookie)))
return AVERROR(EINVAL);

Write Preview
Loading…
Cancel
Save