aboutsummaryrefslogtreecommitdiffstats
path: root/libavfilter/gradfun.h
diff options
context:
space:
mode:
authorwm4 <nfxjfg@googlemail.com>2018-03-08 04:47:40 +0100
committerwm4 <nfxjfg@googlemail.com>2018-03-18 12:36:24 +0100
commitc0687acbf6094053834af6a20e9d71b455842c8c (patch)
treecbb1929fa71ff08beee62cfd617fd0574bfd83e3 /libavfilter/gradfun.h
parent39c1d170a3474a06f4805589d642f605f7ef1436 (diff)
downloadffmpeg-c0687acbf6094053834af6a20e9d71b455842c8c.tar.gz
http: avoid out of bound accesses on broken Set-Cookie headers
It's trivial to craft a HTTP response that will make the code for skipping trailing whitespace access and possibly overwrite bytes outside of the memory allocation. Why this can happen is blindingly obvious: it accesses cstr[strlen(cstr)-1] without checking whether the string is empty.
Diffstat (limited to 'libavfilter/gradfun.h')
0 files changed, 0 insertions, 0 deletions