[FFmpeg-trac] #8845(avcodec:new): A stack-buffer-overflow in FFmpeg JIT code
FFmpeg
trac at avcodec.org
Thu Aug 20 23:41:14 EEST 2020
#8845: A stack-buffer-overflow in FFmpeg JIT code
------------------------------------+-----------------------------------
Reporter: seviezhou | Owner:
Type: defect | Status: new
Priority: important | Component: avcodec
Version: git-master | Resolution:
Keywords: aac | Blocked By:
Blocking: | Reproduced by developer: 0
Analyzed by developer: 0 |
------------------------------------+-----------------------------------
Comment (by JEEB):
For the record, I posted a patch set that would improve the sanity checks
for 22.2 so that it is not as easy to get handled as such on the 18th, but
so far have received no reviews:
https://patchwork.ffmpeg.org/project/ffmpeg/list/?series=2055
This causes both of the fuzzing samples I have received to no longer be an
issue (with both valgrind and clang 10 ASAN), while it still enables valid
22.2 content to decode properly.
--
Ticket URL: <https://trac.ffmpeg.org/ticket/8845#comment:3>
FFmpeg <https://ffmpeg.org>
FFmpeg issue tracker