matroska_parse_block (together with matroska_parse_laces) needs to subtract the lace metadata size from the buffer size, otherwise it appears possible that out-of-bounds reads could occur later, for example in matroska_parse_rm_audio.
Note: Dale Curtis <[email protected]> is the original author of this patch. Matt
0001-Fix-heap-buffer-overflow-in-matroska_parse_block.patch
Description: Binary data
_______________________________________________ libav-devel mailing list [email protected] https://lists.libav.org/mailman/listinfo/libav-devel
