On Tue, Aug 01, 2017 at 07:24:56PM +0200, Salvatore Bonaccorso wrote:
>
> Hi,
>
> the following vulnerability was published for libmad.
>
> CVE-2017-11552[0]:
> | The mad_decoder_run function in decoder.c in libmad 0.15.1b allows
> | remote attackers to cause a denial of service (memory corruption) via a
> | crafted MP3 file.
>
> If you fix the vulnerability please also make sure to include the
> CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
I can reproduce this using mpg321, but not using madplay. Madplay
just shows:
$ madplay libmad_0.15.1b_memory_corruption.mp3
MPEG Audio Decoder 0.15.2 (beta) - Copyright (C) 2000-2004 Robert Leslie et al.
Title: ExifTool Test
Composer: A Composer
Artist: Phil Harvey
Album: Phil's Greatest Hits
Track: 1/5
Year: 2005
Genre: Testing
Comment: My Comments
error: frame 0: bad big_values count
0 frames decoded (0:00:00.0), -inf dB peak amplitude, 0 clipped samples
Where "bad big_values count" is an error generated by libmad.
Kurt
