[FFmpeg-devel] Security issues?

Michael Niedermayer michaelni
Thu Sep 24 02:08:52 CEST 2009

On Wed, Sep 23, 2009 at 04:14:24PM -0700, Baptiste Coudurier wrote:
> On 09/23/2009 03:05 PM, Michael Niedermayer wrote:
>> On Wed, Sep 23, 2009 at 08:24:51PM +0100, M?ns Rullg?rd wrote:
>>> Michael Niedermayer<michaelni at gmx.at>  writes:
>>>> On Wed, Sep 23, 2009 at 11:11:37AM -0700, Baptiste Coudurier wrote:
>>>>> On 09/23/2009 02:33 AM, Michael Niedermayer wrote:
>>>>>> On Tue, Sep 22, 2009 at 08:09:08PM +0200, Michael Niedermayer wrote:
>>>>>>> Hi
>>>>>>> lars has mailed me the following 2 links
>>>>>>> http://www.heise.de/newsticker/Sicherheitsluecken-in-VLC-und-FFmpeg--/meldung/145655
>>>>>>> http://secunia.com/advisories/36805/
>>>>>> next is for mov:
>>>>>> http://src.chromium.org/viewvc/chrome/trunk/deps/third_party/ffmpeg/patches/to_upstream/35_mov_bad_timings.patch?revision=25101&view=markup
>>>>>> this probably isnt security relevant but still should be fixed
>>>>>> issue is that 32bits are read into an (signed) int and thus one can
>>>>>> end with a negative time_scale, chromes patch looks wrong
>>>>>> changing time_scale to unsigned seems the solution at first but its
>>>>>> assigned to sample_rate and time_base which themselfs are signed ...
>>>>> Yes patch is wrong, specs says time_scale is unsigned. Field must be
>>>>> changed to unsigned.
>>>>> sample_rate and time_base should also be unsigned
>>>>> IMHO, but this might have side effects ...
>>>> time_base is AVRational which are 2 signed ints, its hard to change that
>>> AVURational?
>> AVBikeshedIrrationalTheSignedWorksNicely ?
> Well in the future we might need AVRational64 anyway :)

Thats at least more flexible than 1 bit more unsigned range
but first there has to be a problem to fix, for timebases 31/31 seems
perfectly fine and exact for everything ive seen so far ...
also AVRational64 would be quite a bit slower than AVRational, so its
something we should try to avoid unless its really beneficial
with 32bit rational, operations on it are simple as C has a 64bit type
for the intermediates, with 64bit thats no longer the case ...


Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

Democracy is the form of government in which you can choose your dictator
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <http://lists.mplayerhq.hu/pipermail/ffmpeg-devel/attachments/20090924/b39e3672/attachment.pgp>

More information about the ffmpeg-devel mailing list