On Nov 22, 08 17:49:40 +0100, Thomas Viehmann wrote:
> I am not quite sure whether I can agree with Will Drewry's analysis[1]
> accompanying ocert advisory 2008-008[1]. Looking at item 1A, which Will
> says is fixed in 1.1.5, attached .mov seems to fit the case description
> and will still corrupt the memory when viewed e.g. in gxine. xine-lib
> with the attached patch seems to be more successful in preventing the
> attack (note that the file is more tuned to be small than to be a valid
> .mov, but the same works by including the bad meta in an otherwise good
> file). Note that xine_xmalloc is specifically designed to allocate
> memory when passed size 0. Upstream seems to move away from it, but...
> As Will notices, demux-qt.c has loads of unfixed problems.
> 
> If anyone cares to go over the xine-lib issues (primarily the unfixed
> ones from Will's section 3), I'd much appreciate a CC. In order to make
> the analysis and verification more, I would also be interested in the
> test cases mentioned in the advisory.

I have fixed all of them (at least I believe so, but I have to verify
your test case), and we're waiting for new ocert numbers. Given that
this takes so long, and the issues are public anyway, I will probably
upstream the fixes soon. If you would verify them it would be awesome.

Matthias

-- 
Matthias Hopf <[EMAIL PROTECTED]>      __        __   __
Maxfeldstr. 5 / 90409 Nuernberg   (_   | |  (_   |__          [EMAIL PROTECTED]
Phone +49-911-74053-715           __)  |_|  __)  |__  R & D   www.mshopf.de


