[FFmpeg-devel] Security issues?
Wed Sep 23 20:48:20 CEST 2009
On Wed, Sep 23, 2009 at 11:11:37AM -0700, Baptiste Coudurier wrote:
> On 09/23/2009 02:33 AM, Michael Niedermayer wrote:
>> On Tue, Sep 22, 2009 at 08:09:08PM +0200, Michael Niedermayer wrote:
>>> lars has mailed me the following 2 links
>> next is for mov:
>> this probably isnt security relevant but still should be fixed
>> issue is that 32bits are read into an (signed) int and thus one can
>> end with a negative time_scale, chromes patch looks wrong
>> changing time_scale to unsigned seems the solution at first but its
>> assigned to sample_rate and time_base which themselfs are signed ...
> Yes patch is wrong, specs says time_scale is unsigned. Field must be
> changed to unsigned.
> sample_rate and time_base should also be unsigned
> IMHO, but this might have side effects ...
time_base is AVRational which are 2 signed ints, its hard to change that
about sample_rate, i agree in principle but a value >0x7FFFFFFF is a bug
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
He who knows, does not speak. He who speaks, does not know. -- Lao Tsu
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: Digital signature
More information about the ffmpeg-devel