-
Notifications
You must be signed in to change notification settings - Fork 71
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Still buffer overflows with rDNS tags #62
Comments
Thanks for filing an issue! Please note that this project is only passively maintained, so your best bet for getting an issue resolved is through a pull request that is easy to verify! Please read this for more information. |
Cross-referencing prior context: #44 |
Thanks! Could you include the ASAN overflows you see without this patch in place, and turn it into a PR so that it is reviewable? |
ASAN report uploaded above. By the way, much better, no more +4 magic number in proposed patch. |
Using ASAN options, I tried to fix buffer overflows with rDNS tags.
Navigating through the original source code is not easy and even if I did not find where the actual overflow happens, I think the proposed workaround would/could be acceptable.
Adding 4 more bytes than normally necessary when allocating memory storing rDNS name seems to bypass the problem.
So maybe someone would be interested in testing this in another context or even finding a better solution.
Here comes a potential patch to solve the problem.
reverseDNS.patch
Here comes a sample .sh script that adds many rDNS tags to a .m4a file converted from a .flac file.
try.sh.zip
Here comes the ASAN report without the patch.
asan.txt
The text was updated successfully, but these errors were encountered: