On ke, 2015-12-16 at 21:38 +0100, Roland Fischer wrote:
> Hello!
>
> To make things easier I simply zipped the AACS folder of the disc an
> uploaded it to tinyupload:
> http://s000.tinyupload.com/index.php?file_id=43898648543121342749
>
> MKB_RO.inf and MKB_RW.inf are completely empty - both are
libaacs | branch: master | npzacs | Mon Jan 11 12:51:36 2016
+0200| [9f3f74051d92c2072b272ed1089751f1220ec997] | committer: npzacs
Check calloc() result
> http://git.videolan.org/gitweb.cgi/libaacs.git/?a=commit;h=9f3f74051d92c2072b272ed1089751f1220ec997
---
src/file/keydbcfg.c |9 +++
libaacs | branch: master | npzacs | Mon Jan 11 12:52:04 2016
+0200| [b05f96370b68b1d7cc934c0363ca0009bee04ced] | committer: npzacs
Check cache memory size before reading.
TOCTOU between data size check and read: attacker could replace cache
file with larger one and cause buffer overflow.
> htt
libaacs | branch: master | npzacs | Tue Dec 15 14:31:32 2015
+0200| [72e4a984b5599d49421ee047196b0bc452924ec3] | committer: npzacs
mkb: add sanity checks
Avoid overreading if record is too short.
> http://git.videolan.org/gitweb.cgi/libaacs.git/?a=commit;h=72e4a984b5599d49421ee047196b0bc452924
