Since VLC 2.2.0pre4, we've fixed a lot of head overflows, and heap buffer overflows in numerous VLC demuxers:
- demux: asf: stay within track limits - demux: libmp4: fix heap overflow in stdp debug code (fix #12358) - demux: mp4: fix heap buffer ofw with zero chunk (fix #12356) - demux: tta: fix heap buffer ofw (fix #12357) - demux: livavi: fix heap buffer ofw in strf parsing (fix #12359) - demux: libavi: fix heap write ofw - demux: ogg: fix use after free (fix #12360) - demux: mp4: fix heap read ofw in extra bytes - demux: asf: fix heap buffer write ofw in priorities (fix #12363) - demux: mp4: fix last chunk size computation (fix #12362) - demux: libmp4: fix heap buffer write ofw in chpl (fix #12366)
So far, we don't know any exploits, but the number is quite high, to be worrying.
Since you package -pre2 in Utopic, you should care also about the following int overflows, heap buffer overflows, heap overflows and other important crashes: access: dvdread: fix int overflow (cid #1062572) addons: fix deference before null check (cid #1231840) demux: mp4: fix integer overflow (fix #12074) packetizer: dirac: block sanitizing must clean reordering (fix #12051) demux: avi:fix block reading demux: mp4: fix heap buffer overflow (fix #12266) demux: ogg: Don't read skeleton if no bones first demux: ogg: don't use incomplete vorbis headers (fix #12270) demux: ogg: fix headers validation demux: mp4: fix heap read overflow in avcc (fix #12267) demux: ogg: fix packet count heap overflow (fix #12265) demux: mp4: don't read at all if not content demux: mp4: fix heap overflow (fix #12283) demux: mp4: don't trust atom type processing stsd (fix #12285) demux: mp4: fix heap overflow reading esds demux: mp4: fix heap read overflow in vide handler demux: mp4: fix overflow in cprt language decoding input: stream_memory: handle skip reads
Since VLC 2.2.0pre4, we've fixed a lot of head overflows, and heap buffer overflows in numerous VLC demuxers:
- demux: asf: stay within track limits
- demux: libmp4: fix heap overflow in stdp debug code (fix #12358)
- demux: mp4: fix heap buffer ofw with zero chunk (fix #12356)
- demux: tta: fix heap buffer ofw (fix #12357)
- demux: livavi: fix heap buffer ofw in strf parsing (fix #12359)
- demux: libavi: fix heap write ofw
- demux: ogg: fix use after free (fix #12360)
- demux: mp4: fix heap read ofw in extra bytes
- demux: asf: fix heap buffer write ofw in priorities (fix #12363)
- demux: mp4: fix last chunk size computation (fix #12362)
- demux: libmp4: fix heap buffer write ofw in chpl (fix #12366)
So far, we don't know any exploits, but the number is quite high, to be worrying.
Since you package -pre2 in Utopic, you should care also about the following int overflows, heap buffer overflows, heap overflows and other important crashes:
access: dvdread: fix int overflow (cid #1062572)
addons: fix deference before null check (cid #1231840)
demux: mp4: fix integer overflow (fix #12074)
packetizer: dirac: block sanitizing must clean reordering (fix #12051)
demux: avi:fix block reading
demux: mp4: fix heap buffer overflow (fix #12266)
demux: ogg: Don't read skeleton if no bones first
demux: ogg: don't use incomplete vorbis headers (fix #12270)
demux: ogg: fix headers validation
demux: mp4: fix heap read overflow in avcc (fix #12267)
demux: ogg: fix packet count heap overflow (fix #12265)
demux: mp4: don't read at all if not content
demux: mp4: fix heap overflow (fix #12283)
demux: mp4: don't trust atom type processing stsd (fix #12285)
demux: mp4: fix heap overflow reading esds
demux: mp4: fix heap read overflow in vide handler
demux: mp4: fix overflow in cprt language decoding
input: stream_memory: handle skip reads