[FFmpeg-devel] [PATCH 1/2] avformat/oggparsevorbis: Update context on double init

Michael Niedermayer michael at niedermayer.cc
Wed Apr 8 02:04:59 EEST 2020


On Tue, Apr 07, 2020 at 10:55:39AM +0200, Paul B Mahol wrote:
> On 4/6/20, Michael Niedermayer <michael at niedermayer.cc> wrote:
> > On Mon, Apr 06, 2020 at 12:00:21PM +0200, Anton Khirnov wrote:
> >> Quoting Michael Niedermayer (2020-04-05 00:38:41)
> >> > Fixes: memleak
> >>
> >> Memleak of what/where/why? This is highly non-obvious.
> >
> > > Yes, I tend to be terse on "security" fixes so as not to provide a
> > > "how to exploit".
> > >
> > > What leaks is the AVVorbisParseContext; it leaks as there is no check for it
> > > being already allocated.
> > > I attempted to add such a check but that was rejected by Paul with no
> > > further comment.
> > See: 0113 10:59 To FFmpeg devel (1,4K) [FFmpeg-devel] [PATCH]
> > avformat/oggparsevorbis: Error out on double init of vp
> >
> > > This patch works around that by preventing the demuxer-allocated extradata
> > > from being replaced by the NULL extradata from the decoder.
> > > As there is a check for double allocating the extradata, that will also
> > > protect from AVVorbisParseContext double allocation.
> > >
> > > That said, the whole back-and-forth copying of parameters we have in
> > > libavformat nowadays is not pretty, and every time I look at it, it
> > > feels fragile. I am a bit surprised this doesn't cause more problems.
> > >
> > > There are of course other ways to fix this; I did tend towards a
> > > simple, (hopefully) easy-to-backport fix.
> > >
> > > What do you prefer?
> 
> I rejected the patch because Lynee reported over IRC, which you
> thankfully completely ignored, a bug that stops playing files.

I must have forgotten. I don't remember.
Can you or someone tell me what bug this is about, or which ticket this is about
if there's a ticket?

Thanks

[...]
-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

Those who are best at talking, realize last or never when they are wrong.
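
The leak class discussed in this thread (a context pointer overwritten on a second init with no check for an existing allocation), as an added model that is not FFmpeg code and not code from any poster. All names and the slot-pool allocator are hypothetical; it compares unchecked init, erroring out on double init, and releasing the old context before re-initialising.

```c
#include <stddef.h>

/* Constructed model, not FFmpeg code: every name here is hypothetical.
 * A fixed slot pool stands in for the heap so live contexts can be counted. */
typedef struct ParseCtx { int in_use, blocksize; } ParseCtx;
typedef struct StreamPriv { ParseCtx *vp; } StreamPriv;
typedef struct Result { int leaked, second_ret, blocksize; } Result;
static ParseCtx pool[4];
#define POOL_N (sizeof(pool) / sizeof(pool[0]))

static ParseCtx *ctx_new(int blocksize) {
    for (size_t i = 0; i < POOL_N; i++)
        if (!pool[i].in_use) {
            pool[i].in_use = 1;
            pool[i].blocksize = blocksize;
            return &pool[i];
        }
    return NULL;
}
static void ctx_free(ParseCtx **c) {
    if (*c) { (*c)->in_use = 0; *c = NULL; }
}
/* No check: a second header overwrites p->vp and orphans the first context. */
static int init_unchecked(StreamPriv *p, int bs) {
    p->vp = ctx_new(bs);
    return p->vp ? 0 : -1;
}
/* Error out on double init: no leak, but the second header is refused. */
static int init_reject(StreamPriv *p, int bs) {
    return p->vp ? -1 : init_unchecked(p, bs);
}
/* Release the old context first, then build one from the new header. */
static int init_replace(StreamPriv *p, int bs) {
    ctx_free(&p->vp);
    return init_unchecked(p, bs);
}
/* Two header packets on one stream, then close; count orphaned contexts. */
static Result two_headers(int (*init)(StreamPriv *, int)) {
    StreamPriv p = { NULL };
    Result r = { 0, 0, 0 };
    for (size_t i = 0; i < POOL_N; i++) pool[i].in_use = 0;
    init(&p, 256);
    r.second_ret = init(&p, 2048);
    r.blocksize = p.vp->blocksize;   /* parameters the stream ends up with */
    ctx_free(&p.vp);                 /* what stream close releases */
    for (size_t i = 0; i < POOL_N; i++) r.leaked += pool[i].in_use;
    return r;
}
/* Exit 0 when the unchecked path orphans exactly one context. */
int main(void) { return two_headers(init_unchecked).leaked == 1 ? 0 : 1; }
```

The rejecting variant keeps the first header's parameters, while the replacing variant ends with the second header's parameters and no orphaned context.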