[FFmpeg-cvslog] Chronomaster DFA decoder

Reimar Döffinger Reimar.Doeffinger at gmx.de
Wed Mar 30 20:23:04 CEST 2011

On Wed, Mar 30, 2011 at 12:11:02PM +0200, Michael Niedermayer wrote:
> On Tue, Mar 29, 2011 at 07:45:27AM +0200, Reimar Döffinger wrote:
> > On 29 Mar 2011, at 03:09, git at videolan.org (Kostya Shishkov) wrote:
> > > FFmpeg | branch: master | Kostya Shishkov <kostya.shishkov at gmail.com> | Tue Mar 15 09:37:48 2011 +0100| [42315dabce376fd7085e2a1bbab4d230d3d2ccd8] | committer: Anton Khirnov
> > > 
> > > Chronomaster DFA decoder
> > 
> > I strongly recommend to disable this.
> > This is full of incorrectly done security checks where either overflow is not even considered at all or gcc may optimise away a critical check because in accordance with the C standard it assumes pointer arithmetic will not overflow.
> If you think there are still issues left after your commit then iam
> of course ok with disabling this decoder

No, I think I found them all. I just wasn't sure whether I'd have time,
and there are not that many people who care.
I was thinking about writing a security cheat-sheet, because I see the
same mistakes being made over and over and I start getting a bit tired
of it, and I think the basic rules are really simple (like when validing
something never apply any arithmetic to the variable to validate, never
ever, ever do pointer arithmetic involving unvalidated variables etc.).

More information about the ffmpeg-cvslog mailing list