diff options
author | wm4 <nfxjfg@googlemail.com> | 2018-03-08 04:47:40 +0100 |
---|---|---|
committer | wm4 <nfxjfg@googlemail.com> | 2018-03-18 12:36:24 +0100 |
commit | c0687acbf6094053834af6a20e9d71b455842c8c (patch) | |
tree | cbb1929fa71ff08beee62cfd617fd0574bfd83e3 /libavcodec | |
parent | 39c1d170a3474a06f4805589d642f605f7ef1436 (diff) | |
download | ffmpeg-c0687acbf6094053834af6a20e9d71b455842c8c.tar.gz |
http: avoid out of bound accesses on broken Set-Cookie headers
It's trivial to craft a HTTP response that will make the code for
skipping trailing whitespace access and possibly overwrite bytes outside
of the memory allocation. Why this can happen is blindingly obvious: it
accesses cstr[strlen(cstr)-1] without checking whether the string is
empty.
Diffstat (limited to 'libavcodec')
0 files changed, 0 insertions, 0 deletions