• Cheng Sun's avatar
    Fix stack overflow in ExecuteCommand · e183a26d
    Cheng Sun authored
    Close #5675
    Because ExecuteCommand allocates temporary string space on the stack,
    proportional to the length of the command to execute, a stack overflow can
    occur when the the command is too long.
    This can be triggered remotely e.g. from the VLC Web interface, by
    running this JavaScript:
    which sends a string of length 300000 to ExecuteCommand, crashing VLC.
    OKed-by: Rafaël Carré's avatarRafaël Carré <funman@videolan.org>
    Signed-off-by: Jean-Baptiste Kempf's avatarJean-Baptiste Kempf <jb@videolan.org>
vlmshell.c 54.4 KB