[MPlayer-dev-eng] [BUG][PATCH][RESEND] Another small bug in libmpeg2 0.4.0b usage
Attila Kinali
attila at kinali.ch
Sun Sep 12 02:46:11 CEST 2004
On Tue, Aug 31, 2004 at 07:11:28AM +0300, Shachar Raindel wrote:
> Hi,
> I have sent this as part of the thread related to libmpeg2 problems,
> but since everybody seems to skip it, I resend it with some more
> attention drawing headers.
>
>
> After hunting this bug, I runned mplayer under valgrind, and found
> another hidden bug in the libmpeg2 code (vd_libmpeg2.c). This bug is
> triggered when libmpeg2 is fed with a large amount of bogus data,
> causing it to to return while we try to feed it from the pending data
> buffer, causing us to realloc the pending data buffer, and than try to
> move the memory inside it, which might cause segmantation fault,
> especially if glibc has freed the area. I attach a patch which should
> fix this bug as well.
Any comments about this patch ?
Attila Kinali
More information about the MPlayer-dev-eng
mailing list