[Mplayer-cvslog] CVS: main/libmpdemux asf_streaming.c,1.40,1.41
Richard Felker CVS
rfelker at mplayerhq.hu
Thu Sep 25 02:36:36 CEST 2003
Update of /cvsroot/mplayer/main/libmpdemux
In directory mail:/var/tmp.root/cvs-serv19707/libmpdemux
Modified Files:
asf_streaming.c
Log Message:
simple fix for buffer overflow (remotely exploitable). feel free to
commit a better fix if you don't like it.
Index: asf_streaming.c
===================================================================
RCS file: /cvsroot/mplayer/main/libmpdemux/asf_streaming.c,v
retrieving revision 1.40
retrieving revision 1.41
diff -u -r1.40 -r1.41
--- asf_streaming.c 15 Aug 2003 19:13:23 -0000 1.40
+++ asf_streaming.c 25 Sep 2003 00:36:04 -0000 1.41
@@ -502,11 +502,11 @@
return NULL;
}
http_set_uri( http_hdr, server_url->url );
- sprintf( str, "Host: %s:%d", server_url->hostname, server_url->port );
+ sprintf( str, "Host: %.220s:%d", server_url->hostname, server_url->port );
url_free( server_url );
} else {
http_set_uri( http_hdr, url->file );
- sprintf( str, "Host: %s:%d", url->hostname, url->port );
+ sprintf( str, "Host: %.220s:%d", url->hostname, url->port );
}
http_set_field( http_hdr, str );
More information about the MPlayer-cvslog
mailing list