Opened 11 years ago
Closed 11 years ago
#11606 closed Patch - Bug Fix (Fixed)
Patch to allocate sufficiently sized buffer in httplivestreambuffer.cpp - fixes coverity 1023889
Reported by: | Owned by: | JYA | |
---|---|---|---|
Priority: | minor | Milestone: | unknown |
Component: | MythTV - General | Version: | Master Head |
Severity: | medium | Keywords: | |
Cc: | Ticket locked: | no |
Description
This patch should be reviewed by jya, who wrote the code.
This patch is current untested (I have no current mechanism to test).
This looks to be a real buffer overflow bug. Per the specifications, the AES decryption will occur only on complete 16 byte blocks, with the remainder unencrypted. The codes allocated a buffer only big enough for the aes encrypted data, and when it copied the remainder, it overflowed that buffer (anywhere from 0 to 15 bytes). Coverity properly detected that the buffer was not going to be big enough for the (possible) remainder.
The patch allocates a buffer big enough for the entire segment.
Fixes coverity 1023889
(There is some chance coverity will not understand the fix)
github formatted patch: https://github.com/garybuhrmaster/mythtv/commit/b551172f7cae07c33e3c92facc87c7023492e137
git-am formatted patch: https://github.com/garybuhrmaster/mythtv/commit/b551172f7cae07c33e3c92facc87c7023492e137.patch
Change History (5)
comment:1 Changed 11 years ago by
comment:2 Changed 11 years ago by
Type: | Bug Report - General → Patch - Bug Fix |
---|
comment:3 Changed 11 years ago by
Owner: | set to JYA |
---|---|
Status: | new → assigned |
comment:4 Changed 11 years ago by
Please close this ticket. This was fixed by commit 004dcf2b81d182c0a476f414b3adf822b37dd4d5
Thanks.
comment:5 Changed 11 years ago by
Resolution: | → Fixed |
---|---|
Status: | assigned → closed |
Closed at submitter's request
Sorry, this should have been a type Patch-bug fix (too many drop downs, too little looking at what I am doing when copying/pasting.