Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 26 Sep 2016 03:03:16 +0200
From: cookieopfer@....net
To: oss-security@...ts.openwall.com
Subject: Re: Re: ffmpeg afl bugs



> Have fun with ffmpeg-h264-call-stack-overflow.mp4
> > Perhaps you meant to share this file with this community?

yes, I forgot to mention it is in
/usr/share/doc/afl/vuln_samples/ffmpeg-h264-call-stack-overflow.mp4
 
> Hmm... I think that
> docs/vuln_samples/ffmpeg-h264-call-stack-overflow.mp4 is just a sample
> file that comes with AFL (and dates back to December 2014). I doubt it
> still crashes anything

see above! not crashing, but:

 "overread end of atom 'stsd' by 4294967134 bytes"

> and I'm not sure what the original reporter was trying to say.
> 
> /mz

I just can't fix it further on this machine, so I only could post the
trace.

Also thanks for afl-fuzz!
[ CONTENT OF TYPE video/mp4 SKIPPED ]

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ