[FFmpeg-devel] [PATCH] Fix heap-buffer-overflow in matroska_parse_block
michaelni at gmx.at
Wed Mar 27 23:56:22 CET 2013
On Wed, Mar 27, 2013 at 03:34:02PM -0700, Matthew Wolenetz wrote:
> This patch fixes an issue encountered downstream in Chromium.
> matroska_parse_block (together with matroska_parse_laces) needs to subtract
> the lace metadata size from the buffer size, otherwise it still appears
> possible in upstream FFmpeg that out-of-bounds reads could occur later, for
> example in matroska_parse_rm_audio.
> Note: Dale Curtis <dalecurtis at chromium.org> is the original author of this
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
DNS cache poisoning attacks, popular search engine, Google internet authority
don't be evil, please
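The size bookkeeping described in the quoted message, shown on Matroska Xiph lacing as an added example; this is not FFmpeg's code or the patch under discussion. The names `parse_xiph_laces`, `laces_end` and `sample` are hypothetical, and the `fix` flag switches between counting the lace metadata bytes as payload and subtracting them first.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
/* Constructed sample: count byte 2 (3 laces), coded sizes 3 and 2, 9 data bytes. */
static const uint8_t sample[] = { 2, 3, 2, 'a','a','a', 'b','b', 'c','c','c','c' };

/* Xiph lacing: byte 0 = lace count - 1; each size but the last is a run of 0xFF
 * bytes ended by a byte < 0xFF; the last lace is what remains. Returns count or -1. */
static int parse_xiph_laces(const uint8_t *buf, size_t size, int fix,
                            size_t lace_size[256], size_t *hdr_len)
{
    size_t pos = 0, total = 0, avail;
    int laces, n, b;
    if (size < 1)
        return -1;
    laces = buf[pos++] + 1;
    for (n = 0; n < laces - 1; n++) {
        lace_size[n] = 0;
        do {
            if (pos >= size)
                return -1;              /* header runs past the buffer */
            b = buf[pos++];
            lace_size[n] += b;
        } while (b == 0xFF);
        total += lace_size[n];
    }
    avail = fix ? size - pos : size;    /* fix = 0: header bytes counted as data */
    if (total > avail)
        return -1;                      /* coded laces exceed the data */
    lace_size[n] = avail - total;       /* implied size of the last lace */
    *hdr_len = pos;
    return laces;
}

/* Offset one past the last lace (0 if malformed); in bounds only if <= size. */
static size_t laces_end(const uint8_t *buf, size_t size, int fix)
{
    size_t ls[256], end = 0;
    int n = parse_xiph_laces(buf, size, fix, ls, &end);
    for (int i = 0; i < n; i++)
        end += ls[i];
    return end;
}

int main(void)
{
    printf("unfixed end=%zu fixed end=%zu size=%zu\n",
           laces_end(sample, sizeof sample, 0), laces_end(sample, sizeof sample, 1), sizeof sample);
    return 0;
}
```

Without the subtraction, the last lace is overstated by exactly the length of the lacing header, so any consumer that trusts the lace sizes reads that many bytes past the end of the buffer.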