mirrors/gstreamer
mirrors/gstreamer
1
1
Fork 0
mirror of https://gitlab.freedesktop.org/gstreamer/gstreamer.git synced 2025-04-26 05:06:17 +00:00
Code Issues 1 Projects Releases Wiki Activity

apexsink: Fix buffer overflow, in case anyone ever ports it.

Browse source 
Fix a simple buffer overflow - 16 bytes isn't enough to hold
the string representation of a gulong on x86_64. I guess the
intent was to generate a 32 bit random key, so let's do that.

Only matters if anyone ever ports the sink to 1.x

https://bugzilla.gnome.org/show_bug.cgi?id=676524
This commit is contained in:
Jan Schmidt 2015-04-16 22:43:54 +10:00
parent d84d803431
commit 9e1135e209
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
ext/apexsink/gstapexraop.c
View file

@ -252,7 +252,7 @@ gst_apexraop_connect (GstApExRAOP * con)
{ {
struct asvals struct asvals
{ {
gulong url_key; guint32 url_key;
guint64 conn_id; guint64 conn_id;
guchar challenge[16]; guchar challenge[16];
} v; } v;
@ -284,7 +284,7 @@ gst_apexraop_connect (GstApExRAOP * con)
return GST_RTSP_STS_DESTINATION_UNREACHABLE; return GST_RTSP_STS_DESTINATION_UNREACHABLE;
RAND_bytes (randbuf.buf, sizeof (randbuf)); RAND_bytes (randbuf.buf, sizeof (randbuf));
sprintf ((gchar *) conn->url_abspath, "%lu", randbuf.v.url_key); sprintf ((gchar *) conn->url_abspath, "%u", randbuf.v.url_key);
sprintf ((char *) conn->cid, "%16" G_GINT64_MODIFIER "x", randbuf.v.conn_id); sprintf ((char *) conn->cid, "%16" G_GINT64_MODIFIER "x", randbuf.v.conn_id);
RAND_bytes (conn->aes_ky, AES_BLOCK_SIZE); RAND_bytes (conn->aes_ky, AES_BLOCK_SIZE);