oss-sec mailing list archives
Re: CVE Request: FFmpeg 2.1 multiple problems
From: Michael Niedermayer <michaelni () gmx at>
Date: Thu, 28 Nov 2013 12:09:48 +0100
On Thu, Nov 28, 2013 at 01:02:52AM -0700, Kurt Seifried wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Ok tracked down who reported most of these, but two are still unknown:
[...]
https://github.com/FFmpeg/FFmpeg/commit/454a11a1c9c686c78aa97954306fb63453299760 avcodec/dsputil: fix signedness in sizeof() comparissions leading to interger overflow and out of array accesses Who reported this?
IIRC after i fixed ticket2919, i searched for similar issues in the codebase and that was what i found.
https://github.com/FFmpeg/FFmpeg/commit/547d690d676064069d44703a1917e0dab7e33445 Fixes out of array (on heap) writes in ffv1 decoding https://trac.ffmpeg.org/ticket/2906 ami_stuff Found-by: ami_stuff
[...]
https://github.com/FFmpeg/FFmpeg/commit/86736f59d6a527d8bc807d09b93f971c0fe0bb07 avcodec/pngdsp: fix (un)signed type in end comparission Fixes out of array writes in png decoding https://trac.ffmpeg.org/ticket/2919 ami_stuff Found_by: ami_stuff
[...]
https://github.com/FFmpeg/FFmpeg/commit/b05cd1ea7e45a836f7f6071a716c38bb30326e0f ffv1dec: Check bits_per_raw_sample and colorspace for equality in ver 0/1 headers prevents inconsistency and out of array write Who reported this?
IIRC it probably was the result of code review which was done due to Ticket 2906 [...] -- Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB Rewriting code that is poorly written but fully understood is good. Rewriting code that one doesnt understand is a sign that one is less smart then the original author, trying to rewrite it will not make it better.
Attachment:
signature.asc
Description: Digital signature
Current thread:
- CVE Request: FFmpeg 2.1 multiple problems Michael Niedermayer (Nov 26)
- Re: CVE Request: FFmpeg 2.1 multiple problems Kurt Seifried (Nov 26)
- Re: CVE Request: FFmpeg 2.1 multiple problems Kurt Seifried (Nov 28)
- Re: CVE Request: FFmpeg 2.1 multiple problems Michael Niedermayer (Nov 28)
- Re: CVE Request: FFmpeg 2.1 multiple problems Kurt Seifried (Dec 06)
- Re: CVE Request: FFmpeg 2.1 multiple problems Michael Niedermayer (Nov 28)
- Re: CVE Request: FFmpeg 2.1 multiple problems cve-assign (Dec 08)