[FFmpeg-devel] [PATCH] ffmdec: sanitize codec parameters

Rostislav Pehlivanov atomnuker at gmail.com
Mon Nov 21 09:21:40 EET 2016


On 17 November 2016 at 00:08, Andreas Cadhalpun <
andreas.cadhalpun at googlemail.com> wrote:

> All the fields can be set via options read from the ffm file and thus
> have to be sanitized.
>
> A negative extradata size for example gets passed to memcpy in
> avcodec_parameters_from_context causing a segmentation fault.
>
> Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun at googlemail.com>
> ---
>
>
The ffm demuxer and ffserver will be removed before the next release (no
getting out of this, Reynaldo),
so it'll be pointless but whatever.


More information about the ffmpeg-devel mailing list