VLC highlander bug

From: Luigi Auriemma (aluigiautistici.org)
Date: Mon Mar 17 2008 - 12:35:25 CDT


The old buffer-overflow in the subtitles handled by VLC has not been
fully patched in version 0.8.6e, in fact buffer_text2 in ParseSSA is
still unchecked:

    if( sscanf( s,
      "Dialogue: %[^,],%d:%d:%d.%d,%d:%d:%d.%d,%81920[^\r\n]",
      buffer_text2,

The funny thing is that my old proof-of-concept was built just to test
this specific buffer-overflow and in fact it works on the new VLC version
too without modifications 8-)

The SVN version, instead, has been patched for 10 months, as I wrote in
my old advisory:

  http://aluigi.org/adv/vlcboffs-adv.txt

---
Luigi Auriemma
http://aluigi.org
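Added example (my code, not VLC's): the "Dialogue:" line layout quoted above parsed with a width-limited %[^,] conversion whose width is derived from the destination buffer size, so an over-long first field makes sscanf fail instead of writing past the buffer. The buffer size, struct and function names are assumptions.

```c
#include <stdio.h>
#include <string.h>

#define TEXT2_CAP 64   /* assumed size of the buffer for the first field */

struct ssa_times { int h0, m0, s0, c0, h1, m1, s1, c1; };

/* Parse "Dialogue: <text2>,<h:m:s.cs>,<h:m:s.cs>,..." into text2 (cap bytes
 * including the NUL) and t. Returns 1 when all nine items converted, 0
 * otherwise. The unbounded %[^,] from the post is replaced by %<cap-1>[^,]. */
int parse_ssa_dialogue(const char *s, char *text2, size_t cap, struct ssa_times *t)
{
    char fmt[64];
    if (cap < 2 || cap > 9999) return 0;
    /* Build the format at run time so the width always matches the buffer. */
    snprintf(fmt, sizeof fmt,
             "Dialogue: %%%zu[^,],%%d:%%d:%%d.%%d,%%d:%%d:%%d.%%d", cap - 1);
    int n = sscanf(s, fmt, text2, &t->h0, &t->m0, &t->s0, &t->c0,
                   &t->h1, &t->m1, &t->s1, &t->c1);
    /* A field longer than cap-1 is cut short by the width; the literal ','
     * that follows then fails to match and fewer than 9 items are converted. */
    return n == 9;
}

/* Self-check: a constructed well-formed line parses and the fields are right. */
int check_good_line(void)
{
    char text2[TEXT2_CAP]; struct ssa_times t;
    const char *ok = "Dialogue: Marked=0,0:00:01.00,0:00:04.50,Default,,Hello";
    return parse_ssa_dialogue(ok, text2, sizeof text2, &t)
        && strcmp(text2, "Marked=0") == 0 && t.s0 == 1 && t.s1 == 4 && t.c1 == 50;
}

/* Self-check: a constructed line with a 300-byte first field is rejected and
 * text2 holds at most cap-1 characters plus the NUL. */
int check_long_field_rejected(void)
{
    char text2[TEXT2_CAP]; struct ssa_times t;
    char bad[512] = "Dialogue: ";
    memset(bad + 10, 'A', 300);
    strcpy(bad + 310, ",0:00:01.00,0:00:04.50,Default");
    return parse_ssa_dialogue(bad, text2, sizeof text2, &t) == 0
        && strlen(text2) == TEXT2_CAP - 1;
}

int main(void)
{
    printf("good line: %s\n", check_good_line() ? "ok" : "FAIL");
    printf("long field: %s\n", check_long_field_rejected() ? "rejected" : "FAIL");
    return 0;
}
```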