[FFmpeg-devel] [PATCH] Use correct colorspace in Cinepak decoder.

Carl Eugen Hoyos cehoyos at ag.or.at
Tue Feb 19 10:17:47 CET 2013


 <u-bo1b <at> 0w.se> writes:

> > this patch seems to break decoding of
> > https://ffmpeg.org/trac/ffmpeg/raw-attachment/ticket/1303/1.avi
> 
> The vulnerability has been there in the decoder from the 
> beginning, it had no protection against writing outside the frame 
> memory when any of the coordinates were not a multiple of 4.

valgrind does not report any invalid memory access for 
the sample above, so is there really any 
writing "outside the frame memory"?

Carl Eugen



More information about the ffmpeg-devel mailing list