[FFmpeg-devel] [PATCH] Fix crash in cdxa_probe() when opening HTTP URL

Michael Niedermayer michaelni
Thu Nov 1 00:02:26 CET 2007


On Wed, Oct 31, 2007 at 10:21:22PM +0000, Jon Foster wrote:
> This patch fixes a crash when calling av_open_input_file() with a http: URL.
> This crash happens because buf is NULL and buf_size is 0, but cdxa_probe()
> dereferences buf without checking.  The patch adds a check that buf_size
> is big enough to contain the signature.

nonsense, patch rejected
it clearly says the buffer MUST be 32bytes large at min, so NULL
does not qualify as a valid buffer

also probing a 0 byte sized file is completely meaningless
and this change should not prevent a crash it should just crash in the
next probe function

Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

No snowflake in an avalanche ever feels responsible. -- Voltaire
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <http://lists.mplayerhq.hu/pipermail/ffmpeg-devel/attachments/20071101/fec39893/attachment.pgp>

More information about the ffmpeg-devel mailing list