[MPlayer-cvslog] CVS: main/libmpdemux asf.h, 1.18, 1.19 asfheader.c, 1.47, 1.48 demux_asf.c, 1.45, 1.46
Ivan Kalvachev
ikalvachev at gmail.com
Fri Mar 31 20:26:11 CEST 2006
- Previous message: [MPlayer-cvslog] CVS: main/libmpdemux asf.h, 1.18, 1.19 asfheader.c, 1.47, 1.48 demux_asf.c, 1.45, 1.46
- Next message: [MPlayer-cvslog] CVS: main/libmenu menu.c, 1.13, 1.14 menu.h, 1.2, 1.3 menu_list.c, 1.8, 1.9 menu_list.h, 1.2, 1.3 menu_console.c, 1.12, 1.13
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
2006/3/31, Attila Kinali <attila at kinali.ch>:
> On Thu, 30 Mar 2006 11:14:26 +0200
> Reimar Döffinger <Reimar.Doeffinger at stud.uni-karlsruhe.de> wrote:
>
> > buffer is still char * instead of uint8_t * though.
> > Not to mention that I don't think these are the only bugs left in the
> > asf demuxer (last time I tried playing an ASF stream generated by VLC it
> > segfaulted left and right...)
>
> If this isnt a fix for the buffer overflow, what are we
> going to do with the security advisory?
I fixed it already. please check my commit. also read my explanetion
for this particular bug and why it is not exploitable (at all) in the
mplayer-users maillist. Well we were lucky with this one, but that's
all.
and please kick diego to make mplayer-security
- Previous message: [MPlayer-cvslog] CVS: main/libmpdemux asf.h, 1.18, 1.19 asfheader.c, 1.47, 1.48 demux_asf.c, 1.45, 1.46
- Next message: [MPlayer-cvslog] CVS: main/libmenu menu.c, 1.13, 1.14 menu.h, 1.2, 1.3 menu_list.c, 1.8, 1.9 menu_list.h, 1.2, 1.3 menu_console.c, 1.12, 1.13
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the MPlayer-cvslog
mailing list