[FFmpeg-trac] #7250(avcodec:closed): There are several potential out-of-bounds access vulnerabilities because of missing check for avctx->height and avctx->width

FFmpeg trac at avcodec.org
Wed Jun 13 12:17:04 EEST 2018


#7250: There are several potential out-of-bounds access vulnerabilities because of
missing check for avctx->height and avctx->width
-------------------------------------+-------------------------------------
             Reporter:  Yooooooha    |                    Owner:
                 Type:  defect       |                   Status:  closed
             Priority:  normal       |                Component:  avcodec
              Version:  git-master   |               Resolution:
             Keywords:  crash        |  needs_more_info
             Blocking:               |               Blocked By:
Analyzed by developer:  0            |  Reproduced by developer:  0
-------------------------------------+-------------------------------------
Changes (by cehoyos):

 * status:  new => closed
 * resolution:   => needs_more_info


Comment:

 It appears that several of the provided patches break legitimate input
 files. Please reopen this ticket if you can provide samples that allow to
 reproduce the vulnerabilities that you tried to fix.

--
Ticket URL: <https://trac.ffmpeg.org/ticket/7250#comment:3>
FFmpeg <https://ffmpeg.org>
FFmpeg issue tracker


More information about the FFmpeg-trac mailing list