[FFmpeg-devel] [PATCH] Fix heap-buffer-overflow in matroska_parse_block
Michael Niedermayer
michaelni at gmx.at
Wed Mar 27 23:56:22 CET 2013
On Wed, Mar 27, 2013 at 03:34:02PM -0700, Matthew Wolenetz wrote:
> This patch fixes an issue encountered downstream in Chromium.
> matroska_parse_block (together with matroska_parse_laces) needs to subtract
> the lace metadata size from the buffer size, otherwise it still appears
> possible in upstream FFmpeg that out-of-bounds reads could occur later, for
> example in matroska_parse_rm_audio.
>
> Note: Dale Curtis <dalecurtis at chromium.org> is the original author of this
> patch.
>
> Matt
applied
thanks
[...]
--
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
DNS cache poisoning attacks, popular search engine, Google internet authority
dont be evil, please
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20130327/a54cc379/attachment.asc>
More information about the ffmpeg-devel
mailing list