[FFmpeg-devel] Fix read-after-free in matroska_read_seek()
Michael Niedermayer
michaelni at gmx.at
Sat Nov 8 01:41:22 CET 2014
Hi
On Thu, Nov 06, 2014 at 04:13:53PM -0800, Xiaohan Wang (王消寒) wrote:
> Hello ffmpeg-devel:
>
> This is my first patch to FFmpeg, let me know if I am doing anything wrong
> :)
>
> This is a small patch to fix a read-after-free error in matroskadec.c.
> Please take a look.
>
> Xiaohan
> matroskadec.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
> e0faeb3b1ac7253a28e57bcff0bb9bde42b9d670 0001-Fix-read-after-free-in-matroska_read_seek.patch
> From 45a523e9213cc887aa90cdf4953e66918b34f689 Mon Sep 17 00:00:00 2001
> From: Xiaohan Wang <xhwang at chromium.org>
> Date: Thu, 6 Nov 2014 12:59:54 -0800
> Subject: [PATCH] Fix read-after-free in matroska_read_seek().
>
> In matroska_read_seek(), |tracks| is assigned at the begining of the function.
> However, functions like matroska_parse_cues() could reallocate the tracks so
> that |tracks| can get invalidated.
>
> This CL assigns |tracks| only before we use it so that it won't be invalidated.
>
> BUG=427266
> TEST=Test case in associated bug passes now.
>
> Change-Id: I9c7065fe8f4311ca846076281df2282d190ed344
patch applied
thanks
[...]
--
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
What does censorship reveal? It reveals fear. -- Julian Assange
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 181 bytes
Desc: Digital signature
URL: <https://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20141108/76ef8cf5/attachment.asc>
More information about the ffmpeg-devel
mailing list