[FFmpeg-devel] [PATCH] avio: fix potential crashes when combining ffio_ensure_seekback + crc

Michael Niedermayer michaelni at gmx.at
Wed Jun 17 01:20:11 CEST 2015

On Wed, Jun 17, 2015 at 12:21:02AM +0200, wm4 wrote:
> Calling ffio_ensure_seekback() if ffio_init_checksum() has been called
> on the same context can lead to out of bounds memory accesses and
> crashes. The reason is that ffio_ensure_seekback() does not update
> checksum_ptr after reallocating the buffer, resulting in a dangling
> pointer.
> This effectively fixes potential crashes when opening mp3 files.
> ---
> checksum_ptr is an abomination. Should probably be replaced by an
> offset or so, except it's part of the ABI now.
> ---
>  libavformat/aviobuf.c | 4 ++++
>  1 file changed, 4 insertions(+)



Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

In fact, the RIAA has been known to suggest that students drop out
of college or go to community college in order to be able to afford
settlements. -- The RIAA
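
The failure mode described in the quoted commit message, as an added example that is not part of the original mail and is not FFmpeg's code: a buffer is moved to a new allocation and an interior pointer has to be carried across as an offset. The `IOModel` struct and the `io_grow`, `io_checksum` and `demo` functions are hypothetical names, and the byte sum stands in for the real CRC.

```c
#include <stddef.h>
#include <stdlib.h>
#include <string.h>
/* Hypothetical simplified buffered-I/O context (not FFmpeg's AVIOContext). */
typedef struct {
    unsigned char *buffer;       /* heap buffer base */
    size_t         size;
    unsigned char *buf_ptr;      /* read position inside buffer */
    unsigned char *checksum_ptr; /* first byte not yet checksummed, or NULL */
} IOModel;

/* Grow the buffer; interior pointers are carried across as offsets. */
int io_grow(IOModel *s, size_t new_size)
{
    if (new_size <= s->size) return 0;
    ptrdiff_t pos = s->buf_ptr - s->buffer;
    ptrdiff_t ck  = s->checksum_ptr ? s->checksum_ptr - s->buffer : -1;
    unsigned char *nb = malloc(new_size);
    if (!nb) return -1;                 /* old buffer and pointers stay valid */
    memcpy(nb, s->buffer, s->size);
    free(s->buffer);                    /* pointers into the old block now dangle */
    s->buffer       = nb;
    s->size         = new_size;
    s->buf_ptr      = nb + pos;
    s->checksum_ptr = ck >= 0 ? nb + ck : NULL; /* the update the commit message says was missing */
    return 0;
}

/* Sum bytes in [checksum_ptr, buf_ptr); a stand-in for the real CRC update. */
unsigned io_checksum(IOModel *s, unsigned sum)
{
    if (!s->checksum_ptr) return sum;
    for (unsigned char *p = s->checksum_ptr; p < s->buf_ptr; p++) sum += *p;
    s->checksum_ptr = s->buf_ptr;
    return sum;
}

/* Constructed input: 8 bytes, checksum window covers bytes 2..5 (3+4+5+6). */
unsigned demo(void)
{
    static const unsigned char data[8] = {1, 2, 3, 4, 5, 6, 7, 8};
    unsigned char *b = malloc(sizeof data);
    if (!b) return 0;
    memcpy(b, data, sizeof data);
    IOModel s = { b, sizeof data, b + 6, b + 2 };
    if (io_grow(&s, 4096) < 0) { free(s.buffer); return 0; }
    unsigned sum = (s.checksum_ptr == s.buffer + 2) ? io_checksum(&s, 0) : 0;
    free(s.buffer);
    return sum;
}
```

Without the `checksum_ptr` line in `io_grow`, the loop in `io_checksum` would start from an address inside the freed block, which is the out-of-bounds access the commit message describes.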