Package: mkvtoolnix
Version: 1.7.0-1
Severity: normal
Tags: security
If the "wBitsPerSample" parameter (last field in "fmt " chunk, normally 0x22
file offset) is set to 4 in a WAV file, mkvmerge becomes a malloc bomb when
attempting to demux it.
mkvmerge v1.7.0 ('What Do You Take Me For') built on Jun 3 2006 16:39:55
'evil.wav': Using the WAV demultiplexer.
'evil.wav' track 0: Using the PCM output module.
The file 'out' has been opened for writing.
[boom]
^C
Warning: mkvmerge received a SIGINT (probably because the user pressed Ctrl+C). \
Trying to sanitize the file. If mkvmerge hangs during this process you'll have \
to kill it manually.
[...]
-- System Information:
Debian Release: testing/unstable
APT prefers testing
APT policy: (500, 'testing'), (500, 'stable')
Architecture: amd64 (x86_64)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.8-12-amd64-k8
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL
set to en_US.UTF-8)
Versions of packages mkvtoolnix depends on:
ii libbz2-1.0 1.0.3-2 high-quality block-sorting file co
ii libc6 2.3.6-7 GNU C Library: Shared libraries
ii libexpat1 1.95.8-3.2 XML parsing C library - runtime li
ii libflac7 1.1.2-3.1 Free Lossless Audio Codec - runtim
ii libgcc1 1:4.1.0-1 GCC support library
ii liblzo1 1.08-3 data compression library (old vers
ii libmagic1 4.17-1 File type determination library us
ii libogg0 1.1.3-2 Ogg Bitstream Library
ii libstdc++6 4.1.0-1 The GNU Standard C++ Library v3
ii libvorbis0a 1.1.2-1 The Vorbis General Audio Compressi
ii zlib1g 1:1.2.3-11 compression library - runtime
Versions of packages mkvtoolnix recommends:
pn mkvtoolnix-gui <none> (no description available)
-- no debconf information
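The report does not say why a value of 4 leads to the runaway allocation, so the following is an added example (not code from the report or from mkvtoolnix) of a header check a demuxer can run before sizing any buffer from the "fmt " chunk. The accepted depths (8, 16, 24, 32), the block-align consistency rule and the names wav_checked_bits and make_header are assumptions made for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* WAV fields are little-endian. */
static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }
static uint32_t rd32(const uint8_t *p) { return rd16(p) | ((uint32_t)rd16(p + 2) << 16); }

/* Returns the validated wBitsPerSample, or -1 if the header is rejected. */
int wav_checked_bits(const uint8_t *buf, size_t len)
{
    if (len < 12 || memcmp(buf, "RIFF", 4) != 0 || memcmp(buf + 8, "WAVE", 4) != 0)
        return -1;
    size_t off = 12;
    while (off <= len && len - off >= 8) {
        uint32_t size = rd32(buf + off + 4);
        if (size > len - off - 8)
            return -1;                       /* chunk claims more bytes than exist */
        if (memcmp(buf + off, "fmt ", 4) == 0) {
            const uint8_t *f = buf + off + 8;
            if (size < 16 || rd16(f) != 1)
                return -1;                   /* too short, or not plain PCM */
            uint16_t channels = rd16(f + 2), align = rd16(f + 12), bits = rd16(f + 14);
            /* Assumed policy: PCM depth must be a whole number of bytes. */
            if (bits != 8 && bits != 16 && bits != 24 && bits != 32)
                return -1;
            if (channels == 0 || align != channels * (bits / 8))
                return -1;                   /* header fields disagree */
            return bits;
        }
        off += 8 + (size_t)size + (size & 1); /* chunks are padded to even length */
    }
    return -1;
}

/* Constructed sample: canonical 44-byte header, mono, 8000 Hz, empty data chunk. */
size_t make_header(uint8_t out[44], uint16_t bits)
{
    static const uint8_t tmpl[44] = {
        'R','I','F','F', 36,0,0,0, 'W','A','V','E', 'f','m','t',' ', 16,0,0,0,
        1,0, 1,0, 0x40,0x1f,0,0, 0x80,0x3e,0,0, 2,0, 16,0, 'd','a','t','a', 0,0,0,0 };
    memcpy(out, tmpl, 44);
    out[0x22] = (uint8_t)bits;               /* wBitsPerSample at file offset 0x22 */
    out[0x23] = (uint8_t)(bits >> 8);
    return 44;
}

int main(void)
{
    uint8_t h[44];
    printf("16-bit header -> %d\n", wav_checked_bits(h, make_header(h, 16)));
    printf("4-bit header  -> %d\n", wav_checked_bits(h, make_header(h, 4)));
    return 0;
}
```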