[svn-commits] r359704 - svn:log
    SVN commits to the Digium repositories 
    svn-commits at lists.digium.com
       
    Thu Mar 15 14:18:25 CDT 2012
    
    
  
Author: mjordan
Revision: 359704
Modified property: svn:log
Modified: svn:log at Thu Mar 15 14:18:25 2012
------------------------------------------------------------------------------
--- svn:log (original)
+++ svn:log Thu Mar 15 14:18:25 2012
@@ -3,11 +3,7 @@
 Milliwatt is vulnerable to a remotely exploitable stack overrun when using
 the 'o' option.  This occurs due to the milliwatt_generate function not
 accounting for AST_FRIENDLY_OFFSET when calculating the maximum number of
-samples it can put in the output buffer.  For channels using a format with 
-a sample rate less than 32kHz, the buffer overrun should not be possible as
-the buffer allocated is sufficient to hold the data, even with no bounds
-checking.  For formats with a sample rate greater then 32kHz however, the
-fixed length buffer will be overrun.
+samples it can put in the output buffer.
 
 This patch resolves this issue by taking into account AST_FRIENDLY_OFFSET
 when determining the maximum number of samples allowed.  Note that at no
    
    
More information about the svn-commits
mailing list