Closed hfujita closed 8 years ago
rtsp_auth_cb makes an out-of-bound memory access upon calling pa_raop_base64_encode.
rtsp_auth_cb
pa_raop_base64_encode
uint16_t rac; ... pa_raop_base64_encode(&rac, 8 * sizeof(rac), &sac);
rac has only 2 bytes but the second parameter (len) is 16 bytes, which causes an out-of-bound access.
rac
This is a part of issues reported by Alexander. http://lists.freedesktop.org/archives/pulseaudio-discuss/2015-January/023003.html
rtsp_auth_cbmakes an out-of-bound memory access upon callingpa_raop_base64_encode.rachas only 2 bytes but the second parameter (len) is 16 bytes, which causes an out-of-bound access.This is a part of issues reported by Alexander. http://lists.freedesktop.org/archives/pulseaudio-discuss/2015-January/023003.html