[vlc-devel] [PATCH] Adding caf file demuxer module.

Matthias Keiser matthias at tristan-inc.com
Sun Sep 22 22:12:04 CEST 2013


Am 22.09.2013 um 00:03 schrieb Rafaël Carré <funman at videolan.org>:

> So I would say bailing out if > UINT32_MAX is the right thing to do.
OK.

> Do you expect valid files to use such high values?
No.

> Another question is can we DoS VLC with a carefully crafted file?
> 
> Let's say if it's stuck reading 4GB (-1 byte) on a HTTP link and on a
> mobile phone with 3G connection.

I'm not sure I understand exactly what you mean, but yeah, I guess so, if the app is expecting data, and the network doesn't deliver, we might be stuck. But I feel not really qualified to answer this since I don't know (yet) the architecture of VLC very well.

Regards

Matthias


More information about the vlc-devel mailing list