[datatype-dev] CN:[Bug 180788] Security Vulnerability - SMILWallclock Stack Overflow

[datatype-dev] CN:[Bug 180788] Security Vulnerability - SMILWallclock Stack Overflow

Jeff Leitner jeffl at real.com
Tue Nov 21 10:18:19 PST 2006 

Can you verify that these changes build on hxclient_1_2_1_neptune?  I've 
received a report that says the build failed.  Below is the error 
output.  Thanks.


smlprstime.cpp
..\..\..\..\common\include\atomicbase.h(1168) : warning C4005: 
'HAVE_INTERLOCKED_INCREMENT' : macro redefinition
         rel32\datatype_smil_renderer_smil2_ribodefs.h(5) : see previous 
definition of 'HAVE_INTERLOCKED_INCREMENT'
smlprstime.cpp(1269) : error C2362: initialization of 'UTCOffset' is 
skipped by 'goto cleanup'
         smlprstime.cpp(941) : see declaration of 'UTCOffset'
smlprstime.cpp(1269) : error C2362: initialization of 'ms' is skipped by 
'goto cleanup'
         smlprstime.cpp(936) : see declaration of 'ms'
smlprstime.cpp(1269) : error C2362: initialization of 'sec' is skipped by 
'goto cleanup'
         smlprstime.cpp(935) : see declaration of 'sec'
smlprstime.cpp(1269) : error C2362: initialization of 'min' is skipped by 
'goto cleanup'
         smlprstime.cpp(934) : see declaration of 'min'
smlprstime.cpp(1269) : error C2362: initialization of 'hour' is skipped by 
'goto cleanup'
         smlprstime.cpp(933) : see declaration of 'hour'
smlprstime.cpp(1269) : error C2362: initialization of 'day' is skipped by 
'goto cleanup'
         smlprstime.cpp(931) : see declaration of 'day'
smlprstime.cpp(1269) : error C2362: initialization of 'month' is skipped by 
'goto cleanup'
         smlprstime.cpp(930) : see declaration of 'month'
smlprstime.cpp(1269) : error C2362: initialization of 'year' is skipped by 
'goto cleanup'
         smlprstime.cpp(929) : see declaration of 'year'
smlprstime.cpp(1269) : error C2362: initialization of 'pDatePos' is skipped 
by 'goto cleanup'
         smlprstime.cpp(927) : see declaration of 'pDatePos'
smlprstime.cpp(1269) : error C2362: initialization of 'pTimePos' is skipped 
by 'goto cleanup'
         smlprstime.cpp(926) : see declaration of 'pTimePos'
smlprstime.cpp(1269) : error C2362: initialization of 'pTimeZone' is 
skipped by 'goto cleanup'
         smlprstime.cpp(925) : see declaration of 'pTimeZone'
smlprstime.cpp(1269) : error C2362: initialization of 'pT' is skipped by 
'goto cleanup'
         smlprstime.cpp(924) : see declaration of 'pT'
smlprstime.cpp(1269) : error C2362: initialization of 'end' is skipped by 
'goto cleanup'
         smlprstime.cpp(923) : see declaration of 'end'
smlprstime.cpp(1269) : error C2362: initialization of 'begin' is skipped by 
'goto cleanup'
         smlprstime.cpp(922) : see declaration of 'begin'
NMAKE : fatal error U1077: 'cl' : return code '0x2'
Stop.
Log object not initialized - cannot log: [#-00008978][2006-11-21 
02:33:26][412][EXIT ] : Leaving e:\src\build\lib\shell.py::run() with 
return values: 2
Time used: 6.30 seconds
ERROR: WinCompile(datatype/smil/renderer/smil2) ERROR: Make failed.

--- Build System Error ------------------------------------
Make failed.
-----------------------------------------------------------

leaving directory e:\src\.\datatype\smil\renderer\smil2

At 12:57 AM 11/21/2006, Gaurav Bajaj wrote:

>Thanks Eric,
>
>This has been checked into
>hxclient_1_2_1_neptune
>hxclient_1_2_2_neptune
>hxclient_1_2_2i_neptune
>hxclient_1_5_0_cayenne
>HEAD
>
>Thanks & Regards
>Gaurav Bajaj
>
>Eric Hyche wrote:
>>These changes look good.
>>
>>Eric
>>
>>=============================================
>>Eric Hyche (ehyche at real.com)
>>Technical Lead
>>RealNetworks, Inc.
>>
>>
>>>-----Original Message-----
>>>From: datatype-dev-bounces at helixcommunity.org 
>>>[mailto:datatype-dev-bounces at helixcommunity.org] On Behalf Of Gaurav Bajaj
>>>Sent: Tuesday, November 14, 2006 12:12 PM
>>>To: datatype-dev at helixcommunity.org
>>>Subject: [datatype-dev] CR:[Bug 180788] Security Vulnerability - 
>>>SMILWallclock Stack Overflow
>>>
>>>
>>>*Synopsis:*
>>>
>>>This change fixes the crash when we parse the WallClock in SMIL2 and 
>>>prevents stack overflow
>>>
>>>*Overview:*
>>>It fixes potential buffer overflows and also fixes 2 potential logical bugs
>>>1.Handling of just the date without date and time together..
>>>2.Conversion of fraction to milliseconds.
>>>
>>>*Files Added:*
>>>None
>>>
>>>*Files Modified:*
>>>
>>>datatype/smil/renderer/smil2/smlprstime.cpp
>>>
>>>*Image Size and Heap Use impact (Client -Only):*
>>>None.
>>>
>>>*Platforms and Profiles Affected:*
>>>Not a platform specific change
>>>
>>>*Distribution Libraries Affected:*
>>>None
>>>
>>>*Distribution library impact and planned action:*
>>>None
>>>
>>>*Platforms and Profiles Build Verified:*
>>>
>>>BIF branch  -> hxclient_1_5_0_cayenne_restricted
>>>Target(s) ->splay
>>>Profile ->helix-client-all-defines
>>>SYSTEM_ID=win32-i386-vc7
>>>
>>>
>>>*Branch:*
>>>hxclient_1_2_1_neptune
>>>hxclient_1_2_2_neptune
>>>hxclient_1_2_2i_neptune
>>>hxclient_1_5_0_cayenne
>>>HEAD
>>>
>>>*Files Attached:*
>>>smlprstime.cpp.diff
>>>
>>>Regards,
>>>Gaurav
>>>
>>>
>>
>>
>>
>
>_______________________________________________
>Datatype-dev mailing list
>Datatype-dev at helixcommunity.org
>http://lists.helixcommunity.org/mailman/listinfo/datatype-dev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.helixcommunity.org/pipermail/datatype-dev/attachments/20061121/767c7225/attachment-0001.html

More information about the Datatype-dev mailing list
 
Site Map   |   Terms of Use   |   Privacy Policy   |   Contact Us

Copyright © 1995-2007 RealNetworks, Inc. All rights reserved. RealNetworks and Helix are trademarks of RealNetworks.
All other trademarks or registered trademarks are the property of their respective holders.