[Live-devel] Vulnerabilities in RTPInterface::handleRead()
Ross Finlayson
finlayson at live555.com
Tue Apr 8 23:04:03 PDT 2008
>Here, ReadSocket() returns int while curBytesRead is declared
>unsigned. If ReadSocket() returns -1, the above code may cause
>problem.
You're right - thanks for noting this.
Changing the declaration of "curBytesRead" from "unsigned" to "int"
fixes the problem. (This will be included in the next release.)
--
Ross Finlayson
Live Networks, Inc.
http://www.live555.com/
More information about the live-devel
mailing list