Skip to content

Commit

Permalink
Allocate sufficiently sized buffer for entire segment including the u…
Browse files Browse the repository at this point in the history 
…nencrypted section.

A real bug.  Per the specifications, the AES decryption
will occur only on complete 16 byte blocks, with the
remainder unencrypted.  The codes allocated a buffer
only big enough for the aes encrypted data, and when
it copied the remainder, it overflowed that buffer
(anywhere from 0 to 15 bytes).

Fixes coverity 1023889

(There is some chance coverity will not understand the fix)

Signed-off-by: Jean-Yves Avenard <jyavenard@mythtv.org>
  • Loading branch information
@garybuhrmaster @jyavenard
garybuhrmaster authored and jyavenard committed Jun 19, 2013
1 parent b4f579a commit 004dcf2
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion mythtv/libs/libmythtv/HLS/httplivestreambuffer.cpp
View file
Expand Up @@ -289,7 +289,7 @@ class HLSSegment
/* Decrypt data using AES-128 */
int aeslen = m_data.size() & ~0xf;
unsigned char iv[AES_BLOCK_SIZE];
char *decrypted_data = new char[aeslen];
char *decrypted_data = new char[m_data.size()];
if (IV == NULL)
{
/*
Expand Down

0 comments on commit 004dcf2

Please sign in to comment.