
flv-parser memory overflow

High
ireader published GHSA-qv5v-8jcr-37p5 May 3, 2022

Package

No package listed

Affected versions

master

Patched versions

None

Description

Impact

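In the libflv library, flv_parser_append does not check whether expectbytes is within a reasonable range, and the FLV_AVHEADER_CODEC branch has no default case, so parser->expect is not re-initialized; together these lead to the overflow.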

Patches

fix flv-parser memory overflow

Workarounds

  1. Validate the expect buffer size
  2. Check for abnormal FLV tags
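
The two workarounds above (bounding the expected byte count before any copy, and a default branch that re-initializes the parser on an unexpected tag type), sketched as an added example on a constructed toy format. This is not libflv's code or the project's patch; `demo_parser`, `demo_append` and the `[type][len][payload]` record layout are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed toy format: [type:1][len:1][payload:len]. Not libflv's layout. */
enum demo_state { DEMO_HEADER, DEMO_PAYLOAD };
struct demo_parser {
    enum demo_state state;
    size_t expect;      /* total bytes the current state needs in buf */
    size_t bytes;       /* bytes buffered so far */
    unsigned records;   /* completed records */
    uint8_t buf[32];
};

static void demo_reset(struct demo_parser *p) {
    p->state = DEMO_HEADER;
    p->expect = 2;
    p->bytes = 0;
}
void demo_init(struct demo_parser *p) { p->records = 0; demo_reset(p); }

/* Returns 0 on success, -1 on malformed input (parser is re-initialized). */
int demo_append(struct demo_parser *p, const uint8_t *data, size_t len) {
    for (;;) {
        /* Check 1: expect must fit the buffer before anything is copied. */
        if (p->expect > sizeof(p->buf) || p->bytes > p->expect) {
            demo_reset(p);
            return -1;
        }
        size_t n = p->expect - p->bytes;
        if (n > len) n = len;
        if (n) memcpy(p->buf + p->bytes, data, n);
        p->bytes += n; data += n; len -= n;
        if (p->bytes < p->expect) return 0;      /* wait for more input */

        if (p->state == DEMO_PAYLOAD) {          /* record complete */
            p->records++;
            demo_reset(p);
            continue;
        }
        switch (p->buf[0]) {                     /* header complete */
        case 1: case 2:                          /* known record types */
            p->state = DEMO_PAYLOAD;
            p->expect = 2 + (size_t)p->buf[1];
            break;
        default:                                 /* Check 2: unknown type */
            demo_reset(p);
            return -1;
        }
    }
}
```

Without check 1, a length byte larger than the buffer would drive the `memcpy` past `buf`; without the default branch, an unknown type would leave `expect` at its previous value for the next copy.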

References

@Cossack9989

For more information

If you have any questions or comments about this advisory:

Severity

High

CVE ID

No known CVE

Weaknesses

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow. Learn more on MITRE.

Credits