Message ID | 20161210191513.29783-1-michael@niedermayer.cc |
---|---|
State | Accepted |
Commit | 30581c51e72a7a7ea1572c1c6039f6e4c590a55c |
Headers | show |
On 10.12.2016 20:15, Michael Niedermayer wrote: > Fixes CVE-2016-9561 I think the commit message should mention that the security relevance of this is disputed, as running out of memory can happen with valid files. > Suggested-by: Andreas Cadhalpun <andreas.cadhalpun@googlemail.com> > Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> > --- > libavformat/options_table.h | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/libavformat/options_table.h b/libavformat/options_table.h > index d5448e503f..a537dda95e 100644 > --- a/libavformat/options_table.h > +++ b/libavformat/options_table.h > @@ -105,7 +105,7 @@ static const AVOption avformat_options[] = { > {"format_whitelist", "List of demuxers that are allowed to be used", OFFSET(format_whitelist), AV_OPT_TYPE_STRING, { .str = NULL }, CHAR_MIN, CHAR_MAX, D }, > {"protocol_whitelist", "List of protocols that are allowed to be used", OFFSET(protocol_whitelist), AV_OPT_TYPE_STRING, { .str = NULL }, CHAR_MIN, CHAR_MAX, D }, > {"protocol_blacklist", "List of protocols that are not allowed to be used", OFFSET(protocol_blacklist), AV_OPT_TYPE_STRING, { .str = NULL }, CHAR_MIN, CHAR_MAX, D }, > -{"max_streams", "maximum number of streams", OFFSET(max_streams), AV_OPT_TYPE_INT, { .i64 = INT_MAX }, 0, INT_MAX, D }, > +{"max_streams", "maximum number of streams", OFFSET(max_streams), AV_OPT_TYPE_INT, { .i64 = 1000 }, 0, INT_MAX, D }, > {NULL}, > }; The change itself looks good to me. Best regards, Andreas
On Tue, Dec 13, 2016 at 12:33:09AM +0100, Andreas Cadhalpun wrote: > On 10.12.2016 20:15, Michael Niedermayer wrote: > > Fixes CVE-2016-9561 > > I think the commit message should mention that the security relevance of > this is disputed, as running out of memory can happen with valid files. changed > > > Suggested-by: Andreas Cadhalpun <andreas.cadhalpun@googlemail.com> > > Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> > > --- > > libavformat/options_table.h | 2 +- > > 1 file changed, 1 insertion(+), 1 deletion(-) > > > > diff --git a/libavformat/options_table.h b/libavformat/options_table.h > > index d5448e503f..a537dda95e 100644 > > --- a/libavformat/options_table.h > > +++ b/libavformat/options_table.h > > @@ -105,7 +105,7 @@ static const AVOption avformat_options[] = { > > {"format_whitelist", "List of demuxers that are allowed to be used", OFFSET(format_whitelist), AV_OPT_TYPE_STRING, { .str = NULL }, CHAR_MIN, CHAR_MAX, D }, > > {"protocol_whitelist", "List of protocols that are allowed to be used", OFFSET(protocol_whitelist), AV_OPT_TYPE_STRING, { .str = NULL }, CHAR_MIN, CHAR_MAX, D }, > > {"protocol_blacklist", "List of protocols that are not allowed to be used", OFFSET(protocol_blacklist), AV_OPT_TYPE_STRING, { .str = NULL }, CHAR_MIN, CHAR_MAX, D }, > > -{"max_streams", "maximum number of streams", OFFSET(max_streams), AV_OPT_TYPE_INT, { .i64 = INT_MAX }, 0, INT_MAX, D }, > > +{"max_streams", "maximum number of streams", OFFSET(max_streams), AV_OPT_TYPE_INT, { .i64 = 1000 }, 0, INT_MAX, D }, > > {NULL}, > > }; > > The change itself looks good to me. applied thanks [...]
diff --git a/libavformat/options_table.h b/libavformat/options_table.h index d5448e503f..a537dda95e 100644 --- a/libavformat/options_table.h +++ b/libavformat/options_table.h @@ -105,7 +105,7 @@ static const AVOption avformat_options[] = { {"format_whitelist", "List of demuxers that are allowed to be used", OFFSET(format_whitelist), AV_OPT_TYPE_STRING, { .str = NULL }, CHAR_MIN, CHAR_MAX, D }, {"protocol_whitelist", "List of protocols that are allowed to be used", OFFSET(protocol_whitelist), AV_OPT_TYPE_STRING, { .str = NULL }, CHAR_MIN, CHAR_MAX, D }, {"protocol_blacklist", "List of protocols that are not allowed to be used", OFFSET(protocol_blacklist), AV_OPT_TYPE_STRING, { .str = NULL }, CHAR_MIN, CHAR_MAX, D }, -{"max_streams", "maximum number of streams", OFFSET(max_streams), AV_OPT_TYPE_INT, { .i64 = INT_MAX }, 0, INT_MAX, D }, +{"max_streams", "maximum number of streams", OFFSET(max_streams), AV_OPT_TYPE_INT, { .i64 = 1000 }, 0, INT_MAX, D }, {NULL}, };
Fixes CVE-2016-9561 Suggested-by: Andreas Cadhalpun <andreas.cadhalpun@googlemail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> --- libavformat/options_table.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)