[MPlayer-dev-eng] buffer overrun in mp_input_parse_config
Reimar Döffinger
Reimar.Doeffinger at gmx.de
Sat May 4 23:42:47 CEST 2013
On Sat, May 04, 2013 at 10:26:44PM +0200, Martynas Venckus wrote:
> Hi,
>
> A few people have been running with the GCC stack fence diff I came up
> with, which puts a fence between each buffer (rather than the last one
> as stack protector does).
>
> Mplayer has been crashing since due to a buffer overrun in
> mp_input_parse_config() which always does buffer[-1] = '\0' at the
> very end. The following fixes it and I think is what was intended.
I think so too but I decided to rather make the code comprehensible
instead of just stirring in the mess :-).
More information about the MPlayer-dev-eng
mailing list