Commit 9ff50195 authored by Committed by Tim-Philipp Müller
gstrtspconnection: Security loophole making heap overflow
The former code allowed an attacker to create a heap overflow by sending a longer than allowed session id in a response and including a semicolon to change the maximum length. With this change, the parser will never go beyond 512 bytes.
Showing with 1 addition and 1 deletion