[FFmpeg-devel] [PATCH 3/4] avcodec/simple_idct_template: Fix several integer overflows

Michael Niedermayer michael at niedermayer.cc
Mon Mar 13 13:53:27 EET 2017


On Mon, Mar 13, 2017 at 09:51:40AM +0100, Paul B Mahol wrote:
> On 3/13/17, Michael Niedermayer <michael at niedermayer.cc> wrote:
> > Benchmarks with START_TIMER indicate that the code is faster with unsigned,
> > (that is
> > with the patch), there was quite some fluctuation in the numbers so this may
> > be just
> > random
> >
> > Fixes: 811/clusterfuzz-testcase-6465493076541440
> >
> > Found-by: continuous fuzzing process
> > https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
> > Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
> > ---
> >  libavcodec/simple_idct_template.c | 36 ++++++++++++++++++------------------
> >  1 file changed, 18 insertions(+), 18 deletions(-)
> >
> 
> So this fixes remote code execution?

It fixes integer overflows which are undefined behavior,
i very much doubt this allows any RCE in practive anywhere but
strictly speaking undefined means anything can happen


> 
> Please state what commit fixes.

Please see the first line of the commit message, which git puts in
the subject of the mail:

Subject: Re: [FFmpeg-devel] [PATCH 3/4] avcodec/simple_idct_template: Fix several integer overflows

[...]

-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

Concerning the gods, I have no means of knowing whether they exist or not
or of what sort they may be, because of the obscurity of the subject, and
the brevity of human life -- Protagoras
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: Digital signature
URL: <http://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20170313/f1c26a2b/attachment.sig>


More information about the ffmpeg-devel mailing list