[FFmpeg-trac] #11407(undetermined:new): heap-buffer-overflow vulnerability find in in function mov_read_trun at /ffmpeg/libavformat/mov.c:5944
FFmpeg
trac at avcodec.org
Tue Jan 14 16:00:39 EET 2025
#11407: heap-buffer-overflow vulnerability find in in function mov_read_trun at
/ffmpeg/libavformat/mov.c:5944
-------------------------------------+-------------------------------------
Reporter: SuTong | Owner: (none)
Type: defect | Status: new
Priority: important | Component:
| undetermined
Version: git-master | Resolution:
Keywords: | Blocked By:
Blocking: | Reproduced by developer: 0
Analyzed by developer: 0 |
-------------------------------------+-------------------------------------
Comment (by SuTong):
Replying to [comment:1 James]:
> I can't reproduce with current git head. Can you confirm if it's fixed
for you?
Yes, the mov.c file has now been reverted to commit #292c1df7c, which was
made in 2024. This issue has been fixed and will not be triggered in the
current git head. Thank you!
--
Ticket URL: <https://trac.ffmpeg.org/ticket/11407#comment:2>
FFmpeg <https://ffmpeg.org>
FFmpeg issue tracker
More information about the FFmpeg-trac
mailing list