[FFmpeg-devel] [PATCH] *alloc(type)

Michael Niedermayer michaelni
Sat Nov 20 22:23:35 CET 2010


On Sat, Nov 20, 2010 at 02:15:15PM -0500, Ronald S. Bultje wrote:
> Hi,
> 
> On Sat, Nov 20, 2010 at 1:38 PM, Reimar Döffinger
> <Reimar.Doeffinger at gmx.de> wrote:
> > On Sat, Nov 20, 2010 at 12:56:14PM -0500, Ronald S. Bultje wrote:
> >> Again, what is the bug you're trying to fix? The _real_ bug, not the
> >> imaginary one.
> >
> > None, but if we are changing it anyway...
> 
> Michael?

*malloc() is supposed to use size_t; people won't expect unsigned int.
And if people do expect size_t and that is 64-bit while int is 32-bit, then your
chances are good that you have an exploitable bug.


API should be intuitive and just work, not require perfect knowledge to avoid
ending with exploitable code.
And our malloc() using a different type than ISO C malloc() is not good either.

[...]
-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

If a bugfix only changes things apparently unrelated to the bug with no
further explanation, that is a good sign that the bugfix is wrong.
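
The truncation described above, as an added example that is not part of the original message or of FFmpeg's code: a caller computes a size in `size_t` and passes it to a wrapper whose parameter is `unsigned int`. The names `alloc_narrow`, `alloc_wide`, `MAX_ALLOC` and the sample size are hypothetical, and the shortfall only appears where `size_t` is wider than `unsigned int`.

```c
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>

#define MAX_ALLOC ((size_t)1 << 30)  /* constructed policy cap for this demo */

/* Narrow parameter: a size_t argument is converted to unsigned int at the
 * call, silently dropping any bits above UINT_MAX. */
static void *alloc_narrow(unsigned int size, size_t *granted)
{
    *granted = size;                 /* what the allocator is really asked for */
    return malloc(size);
}

/* Same parameter type as ISO C malloc(): the request arrives intact, so an
 * oversized one can be refused instead of being shrunk. */
static void *alloc_wide(size_t size)
{
    if (size == 0 || size > MAX_ALLOC)
        return NULL;
    return malloc(size);
}

/* Bytes the caller believes it owns but does not, after computing the size
 * in size_t and passing it to the narrow wrapper. 0 means no truncation. */
static size_t shortfall_narrow(size_t wanted)
{
    size_t granted;
    void *p = alloc_narrow(wanted, &granted);   /* implicit narrowing here */
    free(p);
    return wanted - granted;
}

/* 1 if the size_t wrapper returned NULL for the request, 0 if it was served. */
static int wide_refuses(size_t wanted)
{
    void *p = alloc_wide(wanted);
    int refused = (p == NULL);
    free(p);
    return refused;
}

int main(void)
{
    size_t wanted = (size_t)UINT_MAX + 17;  /* wraps to 16 where size_t is 32-bit */
    printf("wanted %zu: narrow wrapper short by %zu bytes, wide refuses: %d\n",
           wanted, shortfall_narrow(wanted), wide_refuses(wanted));
    return 0;
}
```

Building with `-Wconversion` makes the compiler report the narrowing at the `alloc_narrow(wanted, ...)` call, which is a quick way to find such call sites in review.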