[Ffmpeg-devel] [PATCH] different vorbis extradata handling
Rich Felker
dalias
Fri May 13 18:49:16 CEST 2005
On Fri, May 13, 2005 at 07:51:20AM +0200, matthieu castet wrote:
> Hi,
> Nico Sabbi wrote:
> >Michael Niedermayer wrote:
> >
> >>Hi
> >>
> >>On Friday 13 May 2005 01:36, Nico Sabbi wrote:
> >>
> >>
> >>>Michael Niedermayer wrote:
> >>>
> >>>
> >>>>>+ offset += xiphlacing(&ptr[offset], priv->len[1]);
> >>>>>
> >>>>
> >>>>looks possibly exploitable if a packet is larger then 64*255= 16320
> >>>>
> >>>
> >>>what value do you advise?
> >>>
> >>
> >>
> >>len/255 + 64 for example
> >>
> >>[...]
> >>
> >>
> >attached is the updated patch
> >
> Don't you should falback on the old method if the header is wrong ?
> All vorbis saved in nut, ... won't be playable anymore...
NUT is not complete and nut files are experimental. I see no reason we
should leave cruft around for backwards-compat with old versions of
in-development formats.
Rich
More information about the ffmpeg-devel
mailing list