Bug#550442: ffmpeg: deluge of crashes due to missing input sanitization
Moritz Muehlenhoff
jmm at inutil.org
Thu Dec 3 21:01:54 UTC 2009
On Sat, Oct 31, 2009 at 09:12:16AM +0100, Reinhard Tartler wrote:
> Marc Deslauriers <marc.deslauriers at canonical.com> writes:
>
> > On Thu, 2009-10-15 at 13:03 +0200, Reinhard Tartler wrote:
> >
> > <snip>
> >
> >> of chromium patches and managed to locate most patches in ffmpeg trunk
> >>
> >> Patches that I couldn't find upstream include:
> >>
> >> 09_mov_stsz_int_oflow.patch
> >> 32_mov_stream_index.patch
> >> 35_mov_bad_timings.patch
> >> 40_ogg_missing_header.patch
> >>
> >> They probably need further investigation.
> >
> >
> > 09_mov_stsz_int_oflow.patch:
> >
> > This looks like:
> > http://git.ffmpeg.org/?p=ffmpeg;a=commit;h=59a7d76f26091bb379e41e546c561d6987b2df3b
> >
> > 32_mov_stream_index.patch:
> >
> > http://git.ffmpeg.org/?p=ffmpeg;a=commit;h=83b7e34ccb8f63f24d91dfc4dd89a4971f36ce12
> > http://git.ffmpeg.org/?p=ffmpeg;a=commit;h=b601744633167a1b37bc171d298872d57522400e
> >
> > 40_ogg_missing_header.patch:
> >
> > http://git.ffmpeg.org/?p=ffmpeg;a=commit;h=7fb2fe280374bcb1c41c2a8e7aa5632d18dc4279
>
> excellent catches, they all indeed look very relevant. I've added them
> to the packaging branch.
>
> One problem, it breaks build. Therefore, I had to backport svn r18016
> aka 'MOV-Support-stz2-Compact-Sample-Size-Box' to fix FTBFS. without
> this patch, libavformat/mov.c won't compile, as field_size is introduced
> with this commit. While this patch is strictly speaking not in scope of
> an security update, it is easier to stick with upstream and backport
> this patch in addition.
>
> How to proceed now? In any case, I'll prepare an upload for lucid once
> it opens. Will you prepare uploads for stable ubuntu security pockets?
>
> @debian security team: shall I prepare an stable-security upload with
> this or do you want some testing in unstable first? NB: I'm blocked with
> uploading to unstable by ftp-master at .
Sorry, this slipped through. An update for stable-security would be very
welcome.
Cheers,
Moritz
More information about the pkg-multimedia-maintainers
mailing list