Date: Fri, 3 Nov 2017 11:17:03 +0000 From: 连一汉 <lianyihan@....cn> To: "oss-security@...ts.openwall.com" <oss-security@...ts.openwall.com> Subject: [CVE-2017-15672]: ffmpeg: read out of bounds of buffer when it parsing an craft mp4 file. Affected package: ffmpeg Affected versions: <= 3.3.4 FFmpeg could read out of bounds of buffer when it parsing an craft mp4 file. While ffmpeg calculating “bytestream_end” in ff_init_range_encoder() of libavcodec/rangecoder.c, it uses a small “buf_size”. But when using this structure in read_header() of libavcodec/ffv1dec.c, It will minus a bigger “trailer” than “buf_size” to read “size” through AV_RB24(). So it reads the front memory of “bytestream”, and get an error “size”. The issue was fixed with the following commit: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=c20f4fcb74da2d0432c7b54499bb98f48236b904 Regards Reported by Zhibin Hu and Yihan Lian from Qihoo 360 GearTeam
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.