Thanks for reporting your issue. Please make sure these boxes are checked before submitting your issue - thank you!
Detailed guidelines: http://gpac.io/2013/07/16/how-to-file-a-bug-properly/
In box_code_base.c, line 8637 has a heap overflow.
```c
GF_Err txtc_Read(GF_Box *s, GF_BitStream *bs)
{
	u32 size, i;
	char *str;
	GF_TextConfigBox *ptr = (GF_TextConfigBox*)s;

	size = (u32) ptr->size;
	str = (char *)gf_malloc(sizeof(char)*size);

	i=0;
	while (size) {
		str[i] = gf_bs_read_u8(bs);
		size--;
		if (!str[i])
			break;
		i++;
	}
	if (i) ptr->config = gf_strdup(str);
	gf_free(str);

	return GF_OK;
}
```
When str is full without '\x00', strdup will make a heap overflow.
fixed potential crash cf #1262
3fcf66c
now fixed, thanks for the report
CVE-2020-19750 was assigned for this issue.
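The pattern reported above, reworked as an added example; this is not GPAC code and not the change made in commit 3fcf66c. `byte_stream`, `bs_read_u8`, `terminated_within` and `read_config` are hypothetical stand-ins, and the payloads are constructed. It reserves one spare byte so the buffer is always terminated before any string function touches it:

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for GF_BitStream: a bounded byte cursor. */
typedef struct { const uint8_t *data; size_t len, pos; } byte_stream;

static int bs_read_u8(byte_stream *bs, uint8_t *out) {
    if (bs->pos >= bs->len) return 0;        /* input exhausted */
    *out = bs->data[bs->pos++];
    return 1;
}

/* The precondition gf_strdup(str) depends on in the reported code:
 * a NUL must exist inside the `size` bytes that were allocated. */
static int terminated_within(const uint8_t *buf, size_t size) {
    return memchr(buf, 0, size) != NULL;
}

/* Hardened read: allocate size + 1 and terminate explicitly, so a
 * payload with no NUL still yields a valid C string.
 * Returns a heap string (caller frees), or NULL if empty or on error. */
static char *read_config(byte_stream *bs, size_t size) {
    if (size == SIZE_MAX) return NULL;       /* size + 1 would wrap */
    char *str = malloc(size + 1);
    if (!str) return NULL;
    size_t i = 0;
    uint8_t c;
    while (i < size && bs_read_u8(bs, &c) && c != 0)
        str[i++] = (char)c;
    str[i] = '\0';                           /* i <= size: in bounds */
    if (i == 0) { free(str); return NULL; }
    return str;
}

/* Constructed sample payloads, not taken from a real file. */
static const uint8_t FULL_NO_NUL[4] = { 'a', 'b', 'c', 'd' };
static const uint8_t WITH_NUL[4]    = { 'h', 'i', 0, 'x' };

int main(void) {
    byte_stream bs = { FULL_NO_NUL, sizeof FULL_NO_NUL, 0 };
    char *s = read_config(&bs, sizeof FULL_NO_NUL);
    int ok = s && strlen(s) == 4 && !terminated_within(FULL_NO_NUL, 4);
    free(s);
    return ok ? 0 : 1;
}
```

`FULL_NO_NUL` is the case from the report: every allocated byte is non-zero, so `terminated_within` is false and a string copy over a buffer of exactly `size` bytes would run past its end.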