[FFmpeg-devel] [PATCH] avformat/demux: Fix segfault due to avcodec_open2 failure (v2)
Michael Niedermayer
michael at niedermayer.cc
Wed Jun 11 18:51:06 EEST 2025
Hi Pavel
On Tue, Jun 10, 2025 at 05:36:14PM -0600, Pavel Koshevoy wrote:
> On Tue, Jun 10, 2025 at 4:11 PM Michael Niedermayer <michael at niedermayer.cc>
> wrote:
>
> > Hi Pavel
> >
> > On Tue, Jun 10, 2025 at 11:27:37AM -0600, Pavel Koshevoy wrote:
> > > On Tue, Jun 10, 2025 at 9:29 AM Michael Niedermayer <
> > michael at niedermayer.cc>
> > [...]
> >
> > > I have never had any intention of introducing a
> > > security vulnerability.
> >
> > do you agree that the patch should be reverted ?
> > (and also the 2 backports of it)
> >
>
> No, since I already provided a fix
To clarify, iam not against your fix, (if its reviewed)
my concern is that this fix is not sufficent to add support
for changing codec_id and codec_type at random points mid stream
[...]
> >
> > PS: The researcher also wants a CVE# for this issue.
> >
>
> IDK what this means.
More eyes looking at this
thx
[...]
--
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
The worst form of inequality is to try to make unequal things equal.
-- Aristotle
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
URL: <https://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20250611/b0819e74/attachment.sig>
More information about the ffmpeg-devel
mailing list