Opened 12 years ago
Closed 9 years ago
#11844 closed Patch - Bug Fix (fixed)
Negative values in Services API requests can cause segfaults
| Reported by: | Owned by: | paulh | |
|---|---|---|---|
| Priority: | minor | Milestone: | 0.28 |
| Component: | MythTV - Services API - Backend | Version: | Master Head |
| Severity: | medium | Keywords: | |
| Cc: | Ticket locked: | no |
Description
To Duplicate
Start the backend with -v upnp (just for detail)
From a browser send:
<hostname>:6544/Dvr/GetRecordScheduleList?StartIndex=-1
Backtrace/version and backend log attached.
Obvious workaround, don't send negative values.
I'd be glad to add a patch that takes the absolute value of nStartIndex and nCount, or range checkes their values.
But that only solves this case. Suggest that no input should crash the BE.
Attachments (3)
Change History (7)
Changed 12 years ago by
| Attachment: | gdb-mythbackend-20903.txt added |
|---|
Changed 12 years ago by
| Attachment: | mythbackend.20130911180803.20903.log added |
|---|
Changed 9 years ago by
| Attachment: | NegativeStartIndexGuard.patch.v0 added |
|---|
comment:1 Changed 9 years ago by
Added fixes for all StartIndex? parameters to prevent a -1 value from causing a segfault. Not sure why it exists in Channel::GetChannelInfoList? because it doesn't seem to have any affect. Tested on v0.28-pre-3221-g7292e21 with values of -1, 0, 1 and no StartIndex? parameter.
comment:2 Changed 9 years ago by
| Milestone: | unknown → 0.28 |
|---|---|
| Type: | Bug Report - Crash → Patch - Bug Fix |
comment:3 Changed 9 years ago by
| Owner: | set to paulh |
|---|---|
| Status: | new → accepted |
comment:4 Changed 9 years ago by
| Resolution: | → fixed |
|---|---|
| Status: | accepted → closed |
Note: See
TracTickets for help on using
tickets.
BT on v0.28-pre-84-g5b6f322