[MPlayer-dev-eng] [BUG][PATCH][RESEND] Another small bug in libmpeg2 0.4.0b usage

Diego Biurrun diego at biurrun.de
Mon Sep 13 02:37:49 CEST 2004


Attila Kinali writes:
> On Tue, Aug 31, 2004 at 07:11:28AM +0300, Shachar Raindel wrote:
> >   I have sent this as part of the thread related to libmpeg2 problems,
> > but since everybody seems to skip it, I resend it with some more
> > attention drawing headers.
> > 
> > After hunting this bug, I runned mplayer under valgrind, and found
> > another hidden bug in the libmpeg2 code (vd_libmpeg2.c). This bug is
> > triggered when libmpeg2 is fed with a large amount of bogus data,
> > causing it to to return while we try to feed it from the pending data
> > buffer, causing us to realloc the pending data buffer, and than try to
> > move the memory inside it, which might cause segmantation fault,
> > especially if glibc has freed the area. I attach a patch which should
> > fix this bug as well.
> 
> Any comments about this patch ?

Jindrich, you took care of the libmpeg2 update and the related bug
fixes, could you please check and apply this?  Or Ivan, maybe you?

Diego




More information about the MPlayer-dev-eng mailing list