[FFmpeg-devel] [PATCH] fli with invalid frame size overreads buffer (issue 2520)
Michael Niedermayer
michaelni
Mon Jan 10 02:18:57 CET 2011
On Sun, Jan 09, 2011 at 03:48:39PM -0500, Daniel Kang wrote:
> ffmpeg does not check for overreads in fli decoding. This is probably
> because it is difficult to determine how much the decoding will read in,
> due to the large number of cases. The patch attached adds a check for
> this.
> flicvideo.c | 4 ++++
> 1 file changed, 4 insertions(+)
> 7c1cb423fa786e1c29e37df538dc3daad4b6603a fli_overread_check.diff
> From 294ac5d1681f8cbd6575eab1dc52e9170ae2d296 Mon Sep 17 00:00:00 2001
> From: Daniel Kang <daniel.d.kang at gmail.com>
> Date: Sun, 9 Jan 2011 15:26:29 -0500
> Subject: [PATCH] Add check for fli files
This looks quite insufficient
[...]
--
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
He who knows, does not speak. He who speaks, does not know. -- Lao Tsu
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://lists.mplayerhq.hu/pipermail/ffmpeg-devel/attachments/20110110/106a2e5c/attachment.pgp>
More information about the ffmpeg-devel
mailing list