Skip to content
Commit f6722775 authored by Tobias Ronge's avatar Tobias Ronge
Browse files

gstrtspconnection: Security loophole making heap overflow 

The former code allowed an attacker to create a heap overflow by
sending a longer than allowed session id in a response and including a
semicolon to change the maximum length. With this change, the parser
will never go beyond 512 bytes.
parent 2e939afd
Pipeline #23997 failed with stages
in 2 hours, 20 minutes, and 10 seconds
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment