centos 6
shell weakness #28

4

Weakness Breakdown


Definition:

A shell weakness occurs when a program enables an attacker to execute unexpected commands on the operating system.

Warning code(s):

This causes a new program to execute and is difficult to use safely.

File Name:

gst-plugins-good-0.10.23/ext/dv/gstsmptetimecode.h

Context:

The highlighted line of code below is the trigger point of this particular Centos 6 shell weakness.

 /**
 * GstSMPTETimeCode:
 * @GST_SMPTE_TIME_CODE_SYSTEM_30: 29.97 frame per second system (NTSC)
 * @GST_SMPTE_TIME_CODE_SYSTEM_25: 25 frame per second system (PAL)
 * @GST_SMPTE_TIME_CODE_SYSTEM_24: 24 frame per second system
 *
 * Enum value representing SMPTE Time Code system.
 */
typedef enum {
  GST_SMPTE_TIME_CODE_SYSTEM_30 = 0,
  GST_SMPTE_TIME_CODE_SYSTEM_25,
  GST_SMPTE_TIME_CODE_SYSTEM_24
} GstSMPTETimeCodeSystem;

struct _GstSMPTETimeCode {
  int hours;
  int minutes;
  int seconds;
  int frames;
};

#define GST_SMPTE_TIME_CODE_SYSTEM_IS_VALID(x) \
  ((x) >= GST_SMPTE_TIME_CODE_SYSTEM_30 && (x) <= GST_SMPTE_TIME_CODE_SYSTEM_24)

gboolean gst_smpte_time_code_is_valid (GstSMPTETimeCodeSystem system,
    GstSMPTETimeCode *time_code);
gboolean gst_smpte_time_code_from_frame_number (GstSMPTETimeCodeSystem system,
    GstSMPTETimeCode *time_code, int frame_number);
gboolean gst_smpte_time_code_get_frame_number (GstSMPTETimeCodeSystem system,
    int *frame_number, GstSMPTETimeCode *time_code);
GstClockTime gst_smpte_time_code_get_timestamp (GstSMPTETimeCodeSystem system,
    GstSMPTETimeCode *time_code);

G_END_DECLS

#endif
 

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.