You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hi ,I use static analysis tool to find a vulnerable func similar to readMovie(util/main.c)
Just similar to commit 7fed314,in func parseSWF_DEFINESPRITE (util/parser.c) ,splength(line 2302) has intint type but according to the specification it should be able to store unsigned 32bit numbers. There should be a check to verify that the value returned by readUInt32 is smaller than INT_MAX and update splength if it's the case.Otherwise we should print a warning and ignore the block.
The text was updated successfully, but these errors were encountered:
Hi ,I use static analysis tool to find a vulnerable func similar to readMovie(util/main.c)
Just similar to commit 7fed314,in func parseSWF_DEFINESPRITE (util/parser.c) ,splength(line 2302) has intint type but according to the specification it should be able to store unsigned 32bit numbers. There should be a check to verify that the value returned by readUInt32 is smaller than INT_MAX and update splength if it's the case.Otherwise we should print a warning and ignore the block.
The text was updated successfully, but these errors were encountered: