On Tue, Dec 13, 2016 at 12:33:09AM +0100, Andreas Cadhalpun wrote: > On 10.12.2016 20:15, Michael Niedermayer wrote: > > Fixes CVE-2016-9561 > > I think the commit message should mention that the security relevance of > this is disputed, as running out of memory can happen with valid files.
changed
>
> > Suggested-by: Andreas Cadhalpun <andreas.cadhal...@googlemail.com>
> > Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
> > ---
> > libavformat/options_table.h | 2 +-
> > 1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/libavformat/options_table.h b/libavformat/options_table.h
> > index d5448e503f..a537dda95e 100644
> > --- a/libavformat/options_table.h
> > +++ b/libavformat/options_table.h
> > @@ -105,7 +105,7 @@ static const AVOption avformat_options[] = {
> > {"format_whitelist", "List of demuxers that are allowed to be used",
> > OFFSET(format_whitelist), AV_OPT_TYPE_STRING, { .str = NULL }, CHAR_MIN,
> > CHAR_MAX, D },
> > {"protocol_whitelist", "List of protocols that are allowed to be used",
> > OFFSET(protocol_whitelist), AV_OPT_TYPE_STRING, { .str = NULL }, CHAR_MIN,
> > CHAR_MAX, D },
> > {"protocol_blacklist", "List of protocols that are not allowed to be
> > used", OFFSET(protocol_blacklist), AV_OPT_TYPE_STRING, { .str = NULL },
> > CHAR_MIN, CHAR_MAX, D },
> > -{"max_streams", "maximum number of streams", OFFSET(max_streams),
> > AV_OPT_TYPE_INT, { .i64 = INT_MAX }, 0, INT_MAX, D },
> > +{"max_streams", "maximum number of streams", OFFSET(max_streams),
> > AV_OPT_TYPE_INT, { .i64 = 1000 }, 0, INT_MAX, D },
> > {NULL},
> > };
>
> The change itself looks good to me.
applied
thanks
[...]
--
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
It is dangerous to be right in matters on which the established authorities
are wrong. -- Voltaire
signature.asc
Description: Digital signature
_______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
