Skip to content

Commit

Permalink
Fix buffer overflow in performRtspHandshake (CVE-2023-42800)
Browse files Browse the repository at this point in the history
  • Loading branch information
@k3an3 @cgutman
k3an3 authored and cgutman committed Oct 7, 2023
1 parent 02b7742 commit 24750d4
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion src/RtspConnection.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -776,7 +776,8 @@ int performRtspHandshake(PSERVER_INFORMATION serverInfo) {
(StreamConfig.streamingRemotely != STREAM_CFG_REMOTE || CHANNEL_COUNT_FROM_AUDIO_CONFIGURATION(StreamConfig.audioConfiguration) <= 2)) {
// If we have an RTSP URL string and it was successfully parsed, use that string
if (serverInfo->rtspSessionUrl != NULL && parseUrlAddrFromRtspUrlString(serverInfo->rtspSessionUrl, urlAddr, sizeof(urlAddr))) {
strcpy(rtspTargetUrl, serverInfo->rtspSessionUrl);
PltSafeStrcpy(rtspTargetUrl, sizeof(rtspTargetUrl), serverInfo->rtspSessionUrl);
rtspTargetUrl[sizeof(rtspTargetUrl) - 1] = '\0';
}
else {
// If an RTSP URL string was not provided or failed to parse, we will construct one now as best we can.
Expand Down

0 comments on commit 24750d4

Please sign in to comment.