Bug#773993: avprobe loops endlessly on certain FLAC files
Sebastian Ramacher
sramacher at debian.org
Thu Jan 1 11:15:21 UTC 2015
Control: found -1 6:11.1-1
Control: tags -1 + confirmed upstream
On 2014-12-26 21:45:57, Max Kellermann wrote:
> Package: libavcodec56
> Version: 6:11-2
> Severity: important
>
> Download the following file:
> http://farragut.drunkensailor.org:50000/track2.flac
>
> Then run "avprobe" on it. libavcodec will loop endlessly.
>
> This library bug is important because you can use it for a
> denial-of-service attack against remotly accessible services like MPD.
Could you please forward this issue to the upstream bugtracker at
https://bugzilla.libav.org/ and let us know the bug number?
In any case, flac thinks the file is not a FLAC file or is corrupted:
| $ flac -t track2.flac
|
| flac 1.3.0, Copyright (C) 2000-2009, 2011-2013 Josh Coalson & Xiph.Org Foundation
| flac comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
| welcome to redistribute it under certain conditions. Type `flac' for details.
|
| track2.flac: *** Got error code 0:FLAC__STREAM_DECODER_ERROR_STATUS_LOST_SYNC
|
| The input file is either not a FLAC file or is corrupted. If you are
| convinced it is a FLAC file, you can rerun the same command and add the
| -F parameter to try and recover as much as possible from the file.
|
|
| track2.flac: ERROR while decoding metadata
| state = FLAC__STREAM_DECODER_END_OF_STREAM
Cheers
--
Sebastian Ramacher
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-multimedia-maintainers/attachments/20150101/c005bf78/attachment.sig>
More information about the pkg-multimedia-maintainers
mailing list