[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] CVE Request: FFmpeg 2.1 multiple problems
From: Michael Niedermayer <michaelni () gmx ! at>
Date: 2013-11-28 11:09:48
Message-ID: 20131128110948.GT10262 () nb4
[Download RAW message or body]
On Thu, Nov 28, 2013 at 01:02:52AM -0700, Kurt Seifried wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Ok tracked down who reported most of these, but two are still unknown:
[...]
> https://github.com/FFmpeg/FFmpeg/commit/454a11a1c9c686c78aa97954306fb63453299760
> avcodec/dsputil: fix signedness in sizeof() comparissions leading
> to interger overflow and out of array accesses
> Who reported this?
IIRC after i fixed ticket2919, i searched for similar issues in
the codebase and that was what i found.
>
>
>
>
> https://github.com/FFmpeg/FFmpeg/commit/547d690d676064069d44703a1917e0dab7e33445
> Fixes out of array (on heap) writes in ffv1 decoding
> https://trac.ffmpeg.org/ticket/2906 ami_stuff
> Found-by: ami_stuff
>
[...]
> https://github.com/FFmpeg/FFmpeg/commit/86736f59d6a527d8bc807d09b93f971c0fe0bb07
> avcodec/pngdsp: fix (un)signed type in end comparission
> Fixes out of array writes in png decoding
> https://trac.ffmpeg.org/ticket/2919 ami_stuff
> Found_by: ami_stuff
>
[...]
> https://github.com/FFmpeg/FFmpeg/commit/b05cd1ea7e45a836f7f6071a716c38bb30326e0f
> ffv1dec: Check bits_per_raw_sample and colorspace for equality in
> ver 0/1 headers
> prevents inconsistency and out of array write
> Who reported this?
IIRC it probably was the result of code review which was done due to
Ticket 2906
[...]
--
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
Rewriting code that is poorly written but fully understood is good.
Rewriting code that one doesnt understand is a sign that one is less smart
then the original author, trying to rewrite it will not make it better.
["signature.asc" (application/pgp-signature)]
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic