[FFmpeg-devel] [PATCH 1/2] libavdevice/avfoundation.m: fix protential unreleased lock issue

YE Chengfeng cyeaa at connect.ust.hk
Sat Oct 2 06:01:22 EEST 2021

Hi, Thilo


I hope this email finds you well. I am writing you to discuss whether it is possible to collaboratively apply CVE IDs for these issues.

Below is my understanding after eyeballing them for a while:

These two bug-located functions are registered as callbacks in the AVInputFormat structure, which means that they can be invoked multiple times. Thus, the unreleased lock problems could result in deadlocks, wreaking a DoS.

Moreover, previous CVE also shows that missing lock releases are potential risks for the system, such as these two CVE.

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2650 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8340

Looking forward to more interesting discussion. Let me know what I can help you with.

Thanks so much,

获取 Outlook for iOS<https://aka.ms/o0ukef>
发件人: ffmpeg-devel <ffmpeg-devel-bounces at ffmpeg.org> 代表 Thilo Borgmann <thilo.borgmann at mail.de>
发送时间: Friday, September 17, 2021 9:32:39 PM
收件人: ffmpeg-devel at ffmpeg.org <ffmpeg-devel at ffmpeg.org>
主题: Re: [FFmpeg-devel] [PATCH 1/2] libavdevice/avfoundation.m: fix protential unreleased lock issue

Am 26.08.21 um 16:40 schrieb Chengfeng Ye:
> The problem here is that the lock ctx->frame_lock will
> become an unreleased lock if the program returns at
> line 697, line 735 and line744.
> Cc: cyeaa at connect.ust.hk
> Bug tracker link: https://apc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftrac.ffmpeg.org%2Fticket%2F9385%2F%23ticket&data=04%7C01%7Ccyeaa%40connect.ust.hk%7C410d533d51004a8b100b08d979dfa7c1%7C6c1d415239d044ca88d9b8d6ddca0708%7C1%7C0%7C637674823770955787%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=OgH7jfZNs1oettfBusfZpTx3maIGFcImvVJfpjGhkPQ%3D&reserved=0
> Signed-off-by: Chengfeng Ye <cyeaa at connect.ust.hk>
> ---
>  libavdevice/avfoundation.m | 3 +++
>  1 file changed, 3 insertions(+)

Pushed, thanks!

ffmpeg-devel mailing list
ffmpeg-devel at ffmpeg.org

To unsubscribe, visit link above, or email
ffmpeg-devel-request at ffmpeg.org with subject "unsubscribe".

More information about the ffmpeg-devel mailing list