[MPlayer-dev-eng] buffer overrun in mp_input_parse_config

Martynas Venckus martynas at venck.us
Sat May 4 22:26:44 CEST 2013


Hi,

A few people have been running with the GCC stack fence diff I came up
with, which puts a fence between each buffer (rather than the last one
as stack protector does).

MPlayer has been crashing since, due to a buffer overrun in
mp_input_parse_config() which always does buffer[-1] = '\0' at the
very end.  The following fixes it and I think is what was intended.

Cheers,
Martynas.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: mplayer-input-c-20130504.diff
Type: text/x-patch
Size: 451 bytes
Desc: not available
URL: <http://lists.mplayerhq.hu/pipermail/mplayer-dev-eng/attachments/20130504/0a7b2d7f/attachment.bin>
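
The following is an added example, not code from the message, the scrubbed patch, MPlayer or GCC. It models one stack frame as a flat byte array to show why a single guard placed after the last buffer does not notice a one-byte write at buffer[-1], while a fence placed directly below the buffer does, and it includes a bounds-checked terminator. The layout, guard value and the names write_detected and terminate_at are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define GUARD   0xA5u   /* constructed guard byte value */
#define OTHER   8       /* size of a neighbouring local (assumed) */
#define BUF_LEN 16      /* size of the buffer being written (assumed) */

/* Simplified frame model, low to high address:
 *   other[OTHER] | fence (optional) | buffer[BUF_LEN] | canary
 * Performs buffer[idx] = '\0' and returns 1 if a guard byte changed,
 * 0 if no guard noticed, -1 if idx falls outside the modelled frame. */
int write_detected(int with_fence, long idx)
{
    unsigned char arena[OTHER + 1 + BUF_LEN + 1];
    long fence_at  = OTHER;                        /* used only with_fence */
    long buf_at    = OTHER + (with_fence ? 1 : 0);
    long canary_at = buf_at + BUF_LEN;

    if (buf_at + idx < 0 || buf_at + idx > canary_at)
        return -1;
    memset(arena, 'x', sizeof arena);
    if (with_fence)
        arena[fence_at] = GUARD;
    arena[canary_at] = GUARD;

    arena[buf_at + idx] = '\0';    /* idx == -1 lands one byte below buffer */

    if (arena[canary_at] != GUARD)
        return 1;
    return with_fence && arena[fence_at] != GUARD;
}

/* Bounds-checked terminator: refuses any index outside [0, len). */
int terminate_at(char *buf, size_t len, long idx)
{
    if (idx < 0 || (size_t)idx >= len)
        return -1;
    buf[idx] = '\0';
    return 0;
}

int main(void)
{
    printf("guard after last buffer only, idx -1: %d\n", write_detected(0, -1));
    printf("fence below the buffer,       idx -1: %d\n", write_detected(1, -1));
    printf("guard after last buffer only, idx %d: %d\n", BUF_LEN,
           write_detected(0, BUF_LEN));
    return 0;
}
```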

