Hi Umair, On Sat, Oct 14, 2017 at 9:59 AM, Umair Khan <omerj...@gmail.com> wrote:
> I tested the file which Michael sent. The thing is that I'm getting > error in decoding that file in both the cases, with or without the > patch. I will begin debugging this issue, however I think the file > which Michael sent has got nothing to do with the patch in this > thread. > I don't think the file is meant to be decoded correctly, it's a specially crafted file to demonstrate that certain codepaths (triggered by files such as this) can be used to trigger unwanted behaviour (overreads, overwrites, etc.). Eventually, combinations of such files can be used to break into your system with specially crafted media files (yes, really). Your patch introduces such a security issue (since it's triggered by the file after, but not before the patch). This must be fixed before the patch can be committed. Ronald _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
