[MPlayer-cvslog] CVS: main/libmpdemux asf.h, 1.18, 1.19 asfheader.c, 1.47, 1.48 demux_asf.c, 1.45, 1.46
Ivan Kalvachev
ikalvachev at gmail.com
Thu Mar 30 10:12:55 CEST 2006
- Previous message: [MPlayer-cvslog] CVS: main/libmpdemux asf.h, 1.18, 1.19 asfheader.c, 1.47, 1.48 demux_asf.c, 1.45, 1.46
- Next message: [MPlayer-cvslog] CVS: main/libmpdemux asf.h, 1.18, 1.19 asfheader.c, 1.47, 1.48 demux_asf.c, 1.45, 1.46
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
2006/3/30, Attila Kinali <attila at kinali.ch>:
> On Thu, 30 Mar 2006 01:25:11 +0200 (CEST)
> syncmail at mplayerhq.hu (Alban Bedel CVS) wrote:
>
> > Move global vars used for header parsing, etc to dewux->priv as it should
> > be. Also cleanup a bit signedness.
>
> Does this fix the exploit stuff?
> If so, could you write an advisory, a patch and put everything online?
For sure it does not fix the bug. As the buffer is still signed char,
loading the argument will first extend the sign.
It is even possible that change to unsigned to have actually open the
posibility of exploitation.
- Previous message: [MPlayer-cvslog] CVS: main/libmpdemux asf.h, 1.18, 1.19 asfheader.c, 1.47, 1.48 demux_asf.c, 1.45, 1.46
- Next message: [MPlayer-cvslog] CVS: main/libmpdemux asf.h, 1.18, 1.19 asfheader.c, 1.47, 1.48 demux_asf.c, 1.45, 1.46
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the MPlayer-cvslog
mailing list