aboutsummaryrefslogtreecommitdiff
path: root/experimental/stk.cpp
diff options
context:
space:
mode:
authorRussell Bryant <russellbryant@users.sourceforge.net>2008-01-06 14:20:04 +0000
committerRussell Bryant <russellbryant@users.sourceforge.net>2008-01-06 14:20:04 +0000
commit7d6f1f3c636989d9d50f1bbc9a4419f69345e514 (patch)
treeaf3aca56c60326670a15306db6c6f07b1581ac03 /experimental/stk.cpp
parent7678586aa3cef8591249fe4369f942ecb342300d (diff)
Fix a security issue.
streamin~ was vulnerable to a remotely exploitable heap buffer overflow that could potentially allow an attacker to execute arbitrary code on a machine that is using streamin~. The issue is that the defined frame header includes a field for frame size which indicates how much additional data is available. However, this frame size was not checked to ensure that it was smaller than the size of the buffer that was allocated to store this data. (one of my patches from issue #1848356) svn path=/trunk/externals/ggee/; revision=9133
Diffstat (limited to 'experimental/stk.cpp')
0 files changed, 0 insertions, 0 deletions