[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Gnash-commit] [bug #43865] out-of-bounds read
From: |
Joshua Rogers |
Subject: |
[Gnash-commit] [bug #43865] out-of-bounds read |
Date: |
Sun, 21 Dec 2014 22:55:12 +0000 |
User-agent: |
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:34.0) Gecko/20100101 Firefox/34.0 |
URL:
<http://savannah.gnu.org/bugs/?43865>
Summary: out-of-bounds read
Project: Gnash - The GNU Flash player
Submitted by: megamansec3
Submitted on: Sun 21 Dec 2014 10:55:11 PM GMT
Category: None
Severity: 3 - Normal
Release: None
Status: None
Privacy: Private
Assigned to: None
Open/Closed: Open
Discussion Lock: Any
_______________________________________________________
Details:
Hi,
In SWFStream.cpp on line 129, 'bytesToRead' may be up to 4.
129 int bytesToRead = bitcount/8;
But then, it is used here:
m_current_byte = cache[bytesToRead];
leading to an out-of-bounds read.
cache is:
byte cache[4];
Thanks
_______________________________________________________
Reply to this item at:
<http://savannah.gnu.org/bugs/?43865>
_______________________________________________
Message sent via/by Savannah
http://savannah.gnu.org/
- [Gnash-commit] [bug #43865] out-of-bounds read,
Joshua Rogers <=