clone 403379 -1 retitle -1 libavcodec: segfault while reading an mpeg file reassign -1 libavcodec0d found -1 0.cvs20060823-4 thanks
Aurelien Jarno wrote: > Package: mplayer > Version: 1.0~rc1-8 > Severity: grave > Tags: security > Justification: user security hole > > mplayer segfaults on a file I have (probably badly) downloaded from the > Internet. Note that other video applications in Debian (vlc, kaffeine) > do not segfault. It is very likely a security problem. > > The file is available here: http://temp.aurel32.net/mplayer.mpeg using gdb, I saw that this is a bug in code that is in libavcodec: 0x0830957d in mpeg_decode_mb (s=0x8765560, block=0x87865e0) at mpeg12.c:1466 1466 s->current_picture.mb_type[ s->mb_x + s->mb_y*s->mb_stride ]= b_type; Then I tried ffmpeg , and it crashes as well. $ ffmpeg -i mplayer.mpeg -target pal-vcd /tmp/vcd.mpg FFmpeg version SVN-rUNKNOWN, Copyright (c) 2000-2004 Fabrice Bellard configuration: --enable-gpl --enable-pp --enable-pthreads --enable-vorbis --enable-libogg --enable-a52 --enable-dts --enable-libgsm --enable-dc1394 --disable-debug --enable-shared --prefix=/usr libavutil version: 0d.49.0.0 libavcodec version: 0d.51.11.0 libavformat version: 0d.50.5.0 built on Sep 25 2006 15:25:04, gcc: 4.1.2 20060901 (prerelease) (Debian 4.1.1-13) Segmentation fault So I am cloning this bug to libavcodec0d a.
signature.asc
Description: OpenPGP digital signature
