[FFmpeg-devel,1/2] avformat/options_table: Set the default maximum number of streams to 1000

Fixes CVE-2016-9561

Suggested-by: Andreas Cadhalpun <andreas.cadhalpun@googlemail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
---
 libavformat/options_table.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

On 10.12.2016 20:15, Michael Niedermayer wrote:
> Fixes CVE-2016-9561

I think the commit message should mention that the security relevance of
this is disputed, as running out of memory can happen with valid files.

> Suggested-by: Andreas Cadhalpun <andreas.cadhalpun@googlemail.com>
> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
> ---
>  libavformat/options_table.h | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/libavformat/options_table.h b/libavformat/options_table.h
> index d5448e503f..a537dda95e 100644
> --- a/libavformat/options_table.h
> +++ b/libavformat/options_table.h
> @@ -105,7 +105,7 @@ static const AVOption avformat_options[] = {
>  {"format_whitelist", "List of demuxers that are allowed to be used", OFFSET(format_whitelist), AV_OPT_TYPE_STRING, { .str = NULL },  CHAR_MIN, CHAR_MAX, D },
>  {"protocol_whitelist", "List of protocols that are allowed to be used", OFFSET(protocol_whitelist), AV_OPT_TYPE_STRING, { .str = NULL },  CHAR_MIN, CHAR_MAX, D },
>  {"protocol_blacklist", "List of protocols that are not allowed to be used", OFFSET(protocol_blacklist), AV_OPT_TYPE_STRING, { .str = NULL },  CHAR_MIN, CHAR_MAX, D },
> -{"max_streams", "maximum number of streams", OFFSET(max_streams), AV_OPT_TYPE_INT, { .i64 = INT_MAX }, 0, INT_MAX, D },
> +{"max_streams", "maximum number of streams", OFFSET(max_streams), AV_OPT_TYPE_INT, { .i64 = 1000 }, 0, INT_MAX, D },
>  {NULL},
>  };

The change itself looks good to me.

Best regards,
Andreas

On Tue, Dec 13, 2016 at 12:33:09AM +0100, Andreas Cadhalpun wrote:
> On 10.12.2016 20:15, Michael Niedermayer wrote:
> > Fixes CVE-2016-9561
> 
> I think the commit message should mention that the security relevance of
> this is disputed, as running out of memory can happen with valid files.

changed


> 
> > Suggested-by: Andreas Cadhalpun <andreas.cadhalpun@googlemail.com>
> > Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
> > ---
> >  libavformat/options_table.h | 2 +-
> >  1 file changed, 1 insertion(+), 1 deletion(-)
> > 
> > diff --git a/libavformat/options_table.h b/libavformat/options_table.h
> > index d5448e503f..a537dda95e 100644
> > --- a/libavformat/options_table.h
> > +++ b/libavformat/options_table.h
> > @@ -105,7 +105,7 @@ static const AVOption avformat_options[] = {
> >  {"format_whitelist", "List of demuxers that are allowed to be used", OFFSET(format_whitelist), AV_OPT_TYPE_STRING, { .str = NULL },  CHAR_MIN, CHAR_MAX, D },
> >  {"protocol_whitelist", "List of protocols that are allowed to be used", OFFSET(protocol_whitelist), AV_OPT_TYPE_STRING, { .str = NULL },  CHAR_MIN, CHAR_MAX, D },
> >  {"protocol_blacklist", "List of protocols that are not allowed to be used", OFFSET(protocol_blacklist), AV_OPT_TYPE_STRING, { .str = NULL },  CHAR_MIN, CHAR_MAX, D },
> > -{"max_streams", "maximum number of streams", OFFSET(max_streams), AV_OPT_TYPE_INT, { .i64 = INT_MAX }, 0, INT_MAX, D },
> > +{"max_streams", "maximum number of streams", OFFSET(max_streams), AV_OPT_TYPE_INT, { .i64 = 1000 }, 0, INT_MAX, D },
> >  {NULL},
> >  };
> 
> The change itself looks good to me.

applied

thanks

[...]