[mythtv-commits] Ticket #11606: Patch to allocate sufficiently sized buffer in httplivestreambuffer.cpp - fixes coverity 1023889
MythTV
noreply at mythtv.org
Mon Jun 17 21:38:13 UTC 2013
#11606: Patch to allocate sufficiently sized buffer in httplivestreambuffer.cpp -
fixes coverity 1023889
-------------------------------------+-------------------------------------
Reporter: Gary Buhrmaster | Type: Bug Report -
<gary.buhrmaster@…> | General
Status: new | Priority: minor
Milestone: unknown | Component: MythTV - General
Version: Master Head | Severity: medium
Keywords: | Ticket locked: 0
-------------------------------------+-------------------------------------
This patch should be reviewed by jya, who wrote the code.
This patch is current untested (I have no current mechanism to test).
This looks to be a real buffer overflow bug. Per the specifications, the
AES decryption will occur only on complete 16 byte blocks, with the
remainder unencrypted. The codes allocated a buffer only big enough for
the aes encrypted data, and when it copied the remainder, it overflowed
that buffer (anywhere from 0 to 15 bytes). Coverity properly detected
that the buffer was not going to be big enough for the (possible)
remainder.
The patch allocates a buffer big enough for the entire segment.
Fixes coverity 1023889
(There is some chance coverity will not understand the fix)
github formatted patch:
https://github.com/garybuhrmaster/mythtv/commit/b551172f7cae07c33e3c92facc87c7023492e137
git-am formatted patch:
https://github.com/garybuhrmaster/mythtv/commit/b551172f7cae07c33e3c92facc87c7023492e137.patch
--
Ticket URL: <http://code.mythtv.org/trac/ticket/11606>
MythTV <http://code.mythtv.org/trac>
MythTV Media Center
More information about the mythtv-commits
mailing list