Bugtraq mailing list archives

xine-lib NES Sound Format Demuxer Buffer Overflow

From: laurent.gaffie () gmail com
Date: 23 Apr 2008 19:05:15 -0000

Hi there

Original advisory:
http://milw0rm.com/exploits/5458


There's another stack-based buffer overflow in demux_nfs.c

line 111:
this->copyright = strdup(&header[0x4E]);
line 189:
char copyright[100];
line 208:
sprintf(copyright, "(C) %s", this->copyright);

Regards Laurent Gaffié

Current thread:

xine-lib NES Sound Format Demuxer Buffer Overflow laurent . gaffie (Apr 23)
- Re: xine-lib NES Sound Format Demuxer Buffer Overflow Guido Landi (Apr 24)