[FFmpeg-devel] [PATCH] Fix crash in cdxa_probe() when opening HTTP URL
Michael Niedermayer
michaelni
Thu Nov 1 00:02:26 CET 2007
Hi
On Wed, Oct 31, 2007 at 10:21:22PM +0000, Jon Foster wrote:
> This patch fixes a crash when calling av_open_input_file() with a http: URL.
> This crash happens because buf is NULL and buf_size is 0, but cdxa_probe()
> dereferences buf without checking. The patch adds a check that buf_size
> is big enough to contain the signature.
nonsense, patch rejected
RTFM, AVPROBE_PADDING_SIZE
it clearly says the buffer MUST be 32bytes large at min, so NULL
does not qualify as a valid buffer
also probing a 0 byte sized file is completely meaningless
and this change should not prevent a crash it should just crash in the
next probe function
[...]
--
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
No snowflake in an avalanche ever feels responsible. -- Voltaire
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <http://lists.mplayerhq.hu/pipermail/ffmpeg-devel/attachments/20071101/fec39893/attachment.pgp>
More information about the ffmpeg-devel
mailing list