Brasero should check the length of the filename in a playlist which make it no response
Submitted by asnine
Assigned to Brasero maintainer(s)
Link to original bug (#758213)
Description
-
Create a .m3u file and the file fill with 10000 characters of A.
-
Excute "brasero -l poc.m3u" and the software will display no response.
or
- Create a .m3u file with a size of 10M ,it can make the cup on a high level.
POC:
#!/usr/bin/perl
my $file = "crash.m3u";
my $junk = "A" x 10000;
open(FILE,"
file");
print (FILE "
junk");
close("$FILE");
PS:The brasero maybe don't check the length of the filename in a playlist.When we create a long string like 10000 characters, the 10000 characters will be dealed with a file name.When the program call the function of glib,it will cause some problem.
The function g_strdup_print() will no check the input length,and maybe cause some problems.
I run this software in my VMware with an Ubuntu OS.
When I run it in the Kali 1.1.0c,it even make the me logout by force and everything is lost on the desktop.