[FFmpeg-cvslog] r17761 - trunk/libavformat/http.c
Reimar Döffinger
Reimar.Doeffinger
Tue Mar 3 15:23:34 CET 2009
On Tue, Mar 03, 2009 at 02:26:17PM +0100, rbultje wrote:
> Author: rbultje
> Date: Tue Mar 3 14:26:17 2009
> New Revision: 17761
>
> Log:
> Fix allocated length of the HTTP authentication request field buffer, as
> noticed by Stefano and Luca in the "[PATCH]RTSP Basic Authentication"
> mailinglist thread.
>
> @@ -212,7 +212,7 @@ static int http_connect(URLContext *h, c
> int post, err, ch;
> char line[1024], *q;
> char *auth_b64;
> - int auth_b64_len = strlen(auth)* 4 / 3 + 12;
> + int auth_b64_len = (strlen(auth) + 2) / 3 * 4 + 1;
> int64_t off = s->off;
IMHO "fix" is a bad choice of words, it was not really wrong,
just a bit bigger than necessary?
The commit message made me expect something exploitable.
More information about the ffmpeg-cvslog
mailing list