[FFmpeg-devel] [PATCH]lavc/alac: Avoid allocating huge memory blocks for malicious alac input.

Carl Eugen Hoyos ceffmpeg at gmail.com
Wed Nov 1 16:50:10 EET 2017


2017-11-01 15:40 GMT+01:00 Paul B Mahol <onemda at gmail.com>:
> On 11/1/17, Carl Eugen Hoyos <ceffmpeg at gmail.com> wrote:
>> Hi!
>>
>> It appears to me that the alac decoder can be used for DoS,
>> the attached patch limits the maximum frame size to eight
>> times the default value.
>> (Higher values brake our encoder here.)
>>
>> Please comment and / or suggest another value, Carl Eugen
>>
>
> So alac encoder can not handle bigger frames or what?
>
> Look at other alac encoders, what are their limit on frame size?

I am not sure if it is enough to look on Apple's encoder, after
all, their decoder looks exploitable (or maybe I miss something).

> The limit you set is too low IMHO.

Could you suggest a limit that's below the several-GB area?

Thank you, Carl Eugen


More information about the ffmpeg-devel mailing list