• ffserver: local OOB write with custom program name · 95d9a85c
    Tobias Stoeckmann authored
    When the command line for children is created, it is assumed that
    my_program_name always ends with "ffserver", which doesn't have to
    be true if ffserver is called through a symbolic link.
    
    In such a case, it could be that not enough space for "ffmpeg" is
    available at the end, leading to a buffer overflow.
    
    One example would be:
    
    $ ln -s /usr/bin/ffserver ~/f; ~/f
    
    As this is only a local buffer overflow, i.e. is based on a weird
    program call, this has NO security impact.
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
ffserver.c 125 KB
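
An added sketch, not part of this commit or of ffserver's code: one way to derive a child program's path from the invoking name without assuming that name ends in "ffserver". The helper name `sibling_path`, the buffer sizes and the sample paths are assumptions constructed for illustration.

```c
#include <limits.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper: write into out the path of a program named sibling
 * that lives in the same directory as self (the invoking name).
 * Returns 0 on success, -1 if the result does not fit in outsz bytes. */
static int sibling_path(const char *self, const char *sibling,
                        char *out, size_t outsz)
{
    const char *slash = strrchr(self, '/');
    /* Directory prefix length including the trailing '/';
     * zero when self has no directory component. */
    size_t dirlen = slash ? (size_t)(slash - self) + 1 : 0;
    int n;

    if (dirlen > (size_t)INT_MAX)
        return -1;
    /* snprintf never writes past outsz and reports the length it needed,
     * so the size of the result does not depend on how self ends. */
    n = snprintf(out, outsz, "%.*s%s", (int)dirlen, self, sibling);
    if (n < 0 || (size_t)n >= outsz) {
        if (outsz > 0)
            out[0] = '\0';   /* do not leave a truncated path behind */
        return -1;
    }
    return 0;
}

int main(void)
{
    /* Constructed sample names: a normal install path, a short symlink
     * name with a directory, and a bare short name. */
    const char *names[] = { "/usr/bin/ffserver", "/home/user/f", "f" };
    char buf[32];
    size_t i;

    for (i = 0; i < sizeof(names) / sizeof(names[0]); i++) {
        if (sibling_path(names[i], "ffmpeg", buf, sizeof(buf)) == 0)
            printf("%s -> %s\n", names[i], buf);
        else
            printf("%s -> result does not fit\n", names[i]);
    }
    return 0;
}
```

A buffer sized only for the invoking name (two bytes for "f") is rejected instead of being written past its end.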