[Mplayerxp-cvslog] CVS: mplayerxp/mplayerxp/libmpdemux asf_streaming.c,1.10,1.11
Brought to you by:
olov
Menu
▾
▴
[Mplayerxp-cvslog] CVS: mplayerxp/mplayerxp/libmpdemux asf_streaming.c,1.10,1.11
|
From: Olov G. <ol...@us...> - 2003-10-01 21:15:00
|
Update of /cvsroot/mplayerxp/mplayerxp/mplayerxp/libmpdemux
In directory sc8-pr-cvs1:/tmp/cvs-serv15253
Modified Files:
asf_streaming.c
Log Message:
Update from mplayer:
simple fix for buffer overflow (remotely exploitable). feel free to
commit a better fix if you don't like it.
Index: asf_streaming.c
===================================================================
RCS file: /cvsroot/mplayerxp/mplayerxp/mplayerxp/libmpdemux/asf_streaming.c,v
retrieving revision 1.10
retrieving revision 1.11
diff -p -u -d -r1.10 -r1.11
--- asf_streaming.c 15 Jan 2003 08:55:53 -0000 1.10
+++ asf_streaming.c 1 Oct 2003 21:14:55 -0000 1.11
@@ -502,11 +502,11 @@ asf_http_request(streaming_ctrl_t *strea
return NULL;
}
http_set_uri( http_hdr, server_url->url );
- sprintf( str, "Host: %s:%d", server_url->hostname, server_url->port );
+ sprintf( str, "Host: %.220s:%d", server_url->hostname, server_url->port );
url_free( server_url );
} else {
http_set_uri( http_hdr, url->file );
- sprintf( str, "Host: %s:%d", url->hostname, url->port );
+ sprintf( str, "Host: %.220s:%d", url->hostname, url->port );
}
http_set_field( http_hdr, str );
|