[vlc-devel] [vlc-commits] service_discovery: sap: fix potential invalid write.

Fabian Yamaguchi fabian.yamaguchi at cs.uni-goettingen.de
Sat Dec 6 21:53:14 CET 2014


Hi,

first of all, it has never been my intention to insult anyone. If that
is how it was received, I'm sorry.

Second: I sent in confirmed and _potential_ vulnerabilities and my hope
was that those developers who know the code base would make an informed
decision about whether or not to apply fixes.

I was then asked by Rafaël if I would work on patches so I made patches
for both the confirmed and potential vulnerabilities in order to help
out. Potential vulnerabilities have been clearly marked in the commit
messages. In cases where I was unsure, I also included conservative
checks to be on the safe side, e.g., the SIZE_MAX checks you mentioned.

As I have said before, feel free to modify or discard any of these
patches. I am perfectly aware of the fact that you know the code base in
more detail than I do, which is why I sent in my report instead of
supplying patches straight away. I am sorry that I cannot invest the
time to build triggers for all of the potential bugs as well, however, I
would suggest rather going for more checks than less since they don't
hurt and it's often hard to say whether a variable will ever contain a
value or not.

To be honest, I was hoping for a slightly more friendly response for
responsibly disclosing at least two critical vulnerabilities to you: the
overflow in the MP4 demuxer and in the updater, and even writing patches
for you. If this was not the right thing to do, let me know.

Kind Regards,
Fabian



