A media streaming server based on nginx-rtmp-module. In addtion to the features nginx-rtmp-module provides, HTTP-FLV, GOP cache, VHosts (one IP for multi domain names) and JSON style statistics are supported now.
BSD 2-Clause "Simplified" License
2.75k
stars
571
forks
source link
[security] Potential stack overflow in `ngx_http_flv_live_connect_init` #170
漏洞点
ngx_memcpy(name, stream->data, stream->len);
name
定义为u_char name[NGX_RTMP_MAX_NAME]; // #define NGX_RTMP_MAX_NAME 256
, 如果stream
超过256字节,就会导致栈溢出Configuration file / 配置文件
Steps to reproduce the behavior / 复现问题步骤
关闭保护机制编译可造成远程任意命令执行。
exploit (shellcode+padding+addr([jmp rsi]))
没有关闭保护机制可造成DoS漏洞