
[Gnash-commit] [bug #43867] int overflow

From: Joshua Rogers
Subject: [Gnash-commit] [bug #43867] int overflow
Date: Mon, 22 Dec 2014 11:46:39 +0000
User-agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:34.0) Gecko/20100101 Firefox/34.0


                 Summary: int overflow
                 Project: Gnash - The GNU Flash player
            Submitted by: megamansec3
            Submitted on: Mon 22 Dec 2014 11:46:38 AM GMT
                Category: None
                Severity: 3 - Normal
                 Release: None
                  Status: None
                 Privacy: Private
             Assigned to: None
             Open/Closed: Open
         Discussion Lock: Any




In ASHandlers.cpp:

2306    unsigned nargs = toNumber(env.pop(), getVM(env));

may cause an int overflow due to the conversion from 64 bits to 32 bits.

And then it is used:

2325        as_object* newobj = construct_object(constructor, env, nargs);

which will cause problems.
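
The report above concerns a script-controlled Number being converted to `unsigned` and then used as an argument count. The following is an added example, not part of the original report and not Gnash code: one way to range-check such a value before it is used. It assumes `toNumber()` yields a `double`; `checked_arg_count` and the `stack_size` bound are hypothetical.

```cpp
#include <cmath>
#include <cstddef>
#include <cstdio>
#include <limits>

// Hypothetical helper (not Gnash code): turn a script-supplied Number into
// an argument count without an out-of-range double -> unsigned cast, which
// is undefined behaviour in C++.
// stack_size is an assumed bound: the number of values currently available
// to be popped as constructor arguments.
bool checked_arg_count(double n, std::size_t stack_size, unsigned& out)
{
    // NaN and +/-infinity have no integer value.
    if (!std::isfinite(n)) return false;

    // Truncate toward zero, as the conversion does for in-range values.
    const double t = std::trunc(n);

    // Reject anything that does not fit in unsigned.
    const double max_u = static_cast<double>(std::numeric_limits<unsigned>::max());
    if (t < 0.0 || t > max_u) return false;

    const unsigned count = static_cast<unsigned>(t);  // now well defined

    // Assumed policy: never accept more arguments than the stack holds.
    if (count > stack_size) return false;

    out = count;
    return true;
}

int main()
{
    // Constructed sample inputs, as a script could push them.
    const double samples[] = { 3.0, 2.9, -1.0, 4294967296.0, 1e300 };
    const std::size_t stack_size = 8;  // constructed value

    for (double s : samples) {
        unsigned nargs = 0;
        if (checked_arg_count(s, stack_size, nargs))
            std::printf("%g -> nargs=%u\n", s, nargs);
        else
            std::printf("%g -> rejected\n", s);
    }
    return 0;
}
```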


