Re: [FFmpeg-devel] [PATCH] avcodec/options_table: remove extradata_size from the AVOptions table
On 09.03.2015 03:42, Michael Niedermayer wrote: allowing access to the size but not the extradata itself is not useful and could lead to potential problems if writing happens through this field Signed-off-by: Michael Niedermayer michae...@gmx.at --- libavcodec/options_table.h |1 - 1 file changed, 1 deletion(-) diff --git a/libavcodec/options_table.h b/libavcodec/options_table.h index 442b212..a906864 100644 --- a/libavcodec/options_table.h +++ b/libavcodec/options_table.h @@ -103,7 +103,6 @@ static const AVOption avcodec_options[] = { {hex, hex motion estimation, 0, AV_OPT_TYPE_CONST, {.i64 = ME_HEX }, INT_MIN, INT_MAX, V|E, me_method }, {umh, umh motion estimation, 0, AV_OPT_TYPE_CONST, {.i64 = ME_UMH }, INT_MIN, INT_MAX, V|E, me_method }, {iter, iter motion estimation, 0, AV_OPT_TYPE_CONST, {.i64 = ME_ITER }, INT_MIN, INT_MAX, V|E, me_method }, -{extradata_size, NULL, OFFSET(extradata_size), AV_OPT_TYPE_INT, {.i64 = DEFAULT }, INT_MIN, INT_MAX}, {time_base, NULL, OFFSET(time_base), AV_OPT_TYPE_RATIONAL, {.dbl = 0}, INT_MIN, INT_MAX}, {g, set the group of picture (GOP) size, OFFSET(gop_size), AV_OPT_TYPE_INT, {.i64 = 12 }, INT_MIN, INT_MAX, V|E}, {ar, set audio sampling rate (in Hz), OFFSET(sample_rate), AV_OPT_TYPE_INT, {.i64 = DEFAULT }, 0, INT_MAX, A|D|E}, This looks very good, because it also fixes the ffm muxer to never create files with extradata_size setting, but without extradata. Best regards, Andreas ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
Re: [FFmpeg-devel] [PATCH] avcodec/options_table: remove extradata_size from the AVOptions table
On 9 March 2015 at 14:28, Michael Niedermayer michae...@gmx.at wrote: On Mon, Mar 09, 2015 at 01:27:58PM +0100, Lukasz Marek wrote: On 9 March 2015 at 12:19, Andreas Cadhalpun andreas.cadhal...@googlemail.com wrote: On 09.03.2015 03:42, Michael Niedermayer wrote: allowing access to the size but not the extradata itself is not useful and could lead to potential problems if writing happens through this field Signed-off-by: Michael Niedermayer michae...@gmx.at --- libavcodec/options_table.h |1 - 1 file changed, 1 deletion(-) diff --git a/libavcodec/options_table.h b/libavcodec/options_table.h index 442b212..a906864 100644 --- a/libavcodec/options_table.h +++ b/libavcodec/options_table.h @@ -103,7 +103,6 @@ static const AVOption avcodec_options[] = { {hex, hex motion estimation, 0, AV_OPT_TYPE_CONST, {.i64 = ME_HEX }, INT_MIN, INT_MAX, V|E, me_method }, {umh, umh motion estimation, 0, AV_OPT_TYPE_CONST, {.i64 = ME_UMH }, INT_MIN, INT_MAX, V|E, me_method }, {iter, iter motion estimation, 0, AV_OPT_TYPE_CONST, {.i64 = ME_ITER }, INT_MIN, INT_MAX, V|E, me_method }, -{extradata_size, NULL, OFFSET(extradata_size), AV_OPT_TYPE_INT, {.i64 = DEFAULT }, INT_MIN, INT_MAX}, {time_base, NULL, OFFSET(time_base), AV_OPT_TYPE_RATIONAL, {.dbl = 0}, INT_MIN, INT_MAX}, {g, set the group of picture (GOP) size, OFFSET(gop_size), AV_OPT_TYPE_INT, {.i64 = 12 }, INT_MIN, INT_MAX, V|E}, {ar, set audio sampling rate (in Hz), OFFSET(sample_rate), AV_OPT_TYPE_INT, {.i64 = DEFAULT }, 0, INT_MAX, A|D|E}, This looks very good, because it also fixes the ffm muxer to never create files with extradata_size setting, but without extradata. Isn't it API break? Maybe it is better to have a look on asv1 or ffm muxer to fix problem itself, not to cover it. I can have a look on this today's evening. you miss the problem, this is a demuxer side problem, a attacker can at least crash your application no muxer side change can fix this, the attacker has his own self written muxer that produces a mallicious bitstream of course you are correct that there is possibly also a problem on the muxer side and that this too should be fixed but that is less important. OK. I checked this issue and your patch fixes the issue so if you are OK with removing this option I have no more remarks. ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
Re: [FFmpeg-devel] [PATCH] avcodec/options_table: remove extradata_size from the AVOptions table
Le nonidi 19 ventôse, an CCXXIII, Michael Niedermayer a écrit : you miss the problem, this is a demuxer side problem, a attacker can at least crash your application no muxer side change can fix this, the attacker has his own self written muxer that produces a mallicious bitstream (Unrelated to this particular change, which seems right to me.) Maybe we need a flag to indicate whether an option can be safely set, even with a value coming from an hostile source. Regards, -- Nicolas George signature.asc Description: Digital signature ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
Re: [FFmpeg-devel] [PATCH] avcodec/options_table: remove extradata_size from the AVOptions table
On Mon, Mar 09, 2015 at 03:42:00AM +0100, Michael Niedermayer wrote: allowing access to the size but not the extradata itself is not useful and could lead to potential problems if writing happens through this field Signed-off-by: Michael Niedermayer michae...@gmx.at --- libavcodec/options_table.h |1 - 1 file changed, 1 deletion(-) patch applied thanks to all [...] -- Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB The real ebay dictionary, page 3 Rare item - Common item with rare defect or maybe just a lie Professional - 'Toy' made in china, not functional except as doorstop Experts will know - The seller hopes you are not an expert signature.asc Description: Digital signature ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
Re: [FFmpeg-devel] [PATCH] avcodec/options_table: remove extradata_size from the AVOptions table
On Mon, Mar 09, 2015 at 05:33:46PM +0100, Nicolas George wrote: Le nonidi 19 ventôse, an CCXXIII, Michael Niedermayer a écrit : you miss the problem, this is a demuxer side problem, a attacker can at least crash your application no muxer side change can fix this, the attacker has his own self written muxer that produces a mallicious bitstream (Unrelated to this particular change, which seems right to me.) Maybe we need a flag to indicate whether an option can be safely set, even with a value coming from an hostile source. yes, indeed -- Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB The bravest are surely those who have the clearest vision of what is before them, glory and danger alike, and yet notwithstanding go out to meet it. -- Thucydides signature.asc Description: Digital signature ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
[FFmpeg-devel] [PATCH] avcodec/options_table: remove extradata_size from the AVOptions table
allowing access to the size but not the extradata itself is not useful and could lead to potential problems if writing happens through this field Signed-off-by: Michael Niedermayer michae...@gmx.at --- libavcodec/options_table.h |1 - 1 file changed, 1 deletion(-) diff --git a/libavcodec/options_table.h b/libavcodec/options_table.h index 442b212..a906864 100644 --- a/libavcodec/options_table.h +++ b/libavcodec/options_table.h @@ -103,7 +103,6 @@ static const AVOption avcodec_options[] = { {hex, hex motion estimation, 0, AV_OPT_TYPE_CONST, {.i64 = ME_HEX }, INT_MIN, INT_MAX, V|E, me_method }, {umh, umh motion estimation, 0, AV_OPT_TYPE_CONST, {.i64 = ME_UMH }, INT_MIN, INT_MAX, V|E, me_method }, {iter, iter motion estimation, 0, AV_OPT_TYPE_CONST, {.i64 = ME_ITER }, INT_MIN, INT_MAX, V|E, me_method }, -{extradata_size, NULL, OFFSET(extradata_size), AV_OPT_TYPE_INT, {.i64 = DEFAULT }, INT_MIN, INT_MAX}, {time_base, NULL, OFFSET(time_base), AV_OPT_TYPE_RATIONAL, {.dbl = 0}, INT_MIN, INT_MAX}, {g, set the group of picture (GOP) size, OFFSET(gop_size), AV_OPT_TYPE_INT, {.i64 = 12 }, INT_MIN, INT_MAX, V|E}, {ar, set audio sampling rate (in Hz), OFFSET(sample_rate), AV_OPT_TYPE_INT, {.i64 = DEFAULT }, 0, INT_MAX, A|D|E}, -- 1.7.9.5 ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-devel