[MPlayer-dev-eng] Fwd: [MPlayer-users] Mplayer exploit?!

Arpi arpi at thot.banki.hu
Tue Jan 14 18:42:37 CET 2003


Hi,

> While this is a fake now, IMHO it's very good for us to be looking.
I said the same...

> I've been saying for a long time that mplayer is probably full of
> exploitable code, especially in the demuxers and possibly libmpeg2.

libmpeg2 is safe. it has boundary checks around writes, and has sig11
trap for illegal reads. but it's the only safe codec, imho.

the most possible overflows are in demuxers, especially in real, asf,
maybe mov, and the other overcomplicated ones.
mpeg is safe imho, and probably avi too.

also several codecs are optimized for speed, the price is missing boundary
checks. mp3lib is a good example of that...  maybe libavcodec too.

and the biggest place: configfile & subtitles & playlists parsers.

while we can fix demuxers & text parsers easily, fixing codecs may cause
big speed loss.


A'rpi / Astral & ESP-team

--
Developer of MPlayer, the Movie Player for Linux - http://www.MPlayerHQ.hu
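
Added example, not part of the original post and not MPlayer code: a bounds-checked chunk reader of the kind the message says demuxers can be fixed with, where the length check runs once per chunk rather than inside a codec's inner loop. The chunk layout, `read_chunk` and `try_chunk` are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical chunk layout (not a real container format):
 * 4-byte tag, 4-byte little-endian payload length, payload bytes. */
#define CHUNK_HDR 8

static uint32_t rd_le32(const uint8_t *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Copies one chunk payload into out. Returns the payload length, or -1 if
 * the header is truncated or the declared length exceeds input or out_cap. */
long read_chunk(const uint8_t *buf, size_t buf_len, size_t *pos,
                uint8_t *out, size_t out_cap)
{
    if (*pos > buf_len || buf_len - *pos < CHUNK_HDR)
        return -1;                      /* truncated header */
    uint32_t len = rd_le32(buf + *pos + 4);
    size_t remaining = buf_len - *pos - CHUNK_HDR;
    /* Compare against what is left instead of computing pos + len,
     * so a huge declared length cannot wrap the arithmetic. */
    if (len > remaining || len > out_cap)
        return -1;
    memcpy(out, buf + *pos + CHUNK_HDR, len);
    *pos += CHUNK_HDR + (size_t)len;
    return (long)len;
}

/* Constructed sample inputs: an honest chunk and one whose length field lies. */
static const uint8_t good[]  = { 'd','a','t','a', 3,0,0,0, 0xAA,0xBB,0xCC };
static const uint8_t lying[] = { 'd','a','t','a', 0xFF,0xFF,0xFF,0xFF, 0xAA };

/* Helper for the demo: cap must be <= 16, the size of the local buffer. */
long try_chunk(const uint8_t *in, size_t n, size_t cap)
{
    uint8_t out[16]; size_t pos = 0;
    return read_chunk(in, n, &pos, out, cap);
}

int main(void)
{
    printf("good:  %ld\n", try_chunk(good, sizeof good, 16));
    printf("lying: %ld\n", try_chunk(lying, sizeof lying, 16));
    return 0;
}
```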

