Bug#496612: ffmpeg: dca decoder crashes on a crafted file
Alexander E. Patrakov
patrakov at gmail.com
Tue Aug 26 04:38:21 UTC 2008
Package: ffmpeg
Version: 0.svn20080206-8
Severity: normal
Try to ffplay or convert the attached crash.dts file (not a valid DTS stream,
produced by accident when I made a wrong change to my not-yet-released DTS
encoder) - ffmpeg segfaults at least on amd64, which may have security
implications. This crash is not present in the latest SVN version of ffmpeg
(although I don't know which revision fixes this), and it also has some
correctness fixes that you may want to backport (dcadata.h: revision 14964,
dca.c: revisions 14937 and 14917).
-- System Information:
Debian Release: lenny/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.26-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=ru_RU.UTF-8, LC_CTYPE=ru_RU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages ffmpeg depends on:
ii libavcodec51 0.svn20080206-11 ffmpeg codec library
ii libavdevice52 0.svn20080206-11 ffmpeg device handling library
ii libavformat52 0.svn20080206-11 ffmpeg file format library
ii libavutil49 0.svn20080206-11 ffmpeg utility library
ii libc6 2.7-13 GNU C Library: Shared libraries
ii libfreetype6 2.3.7-2 FreeType 2 font engine, shared
lib
ii libimlib2 1.4.0-1.1 powerful image loading and
renderi
ii libsdl1.2debian 1.2.13-2 Simple DirectMedia Layer
ii libswscale0 0.svn20080206-11 ffmpeg video scaling library
ffmpeg recommends no packages.
ffmpeg suggests no packages.
-- no debconf information
-------------- next part --------------
A non-text attachment was scrubbed...
Name: crash.dts
Type: application/octet-stream
Size: 2048 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/pkg-multimedia-maintainers/attachments/20080826/82c25a8e/attachment.obj
More information about the pkg-multimedia-maintainers
mailing list