[vlc-devel] [PATCH] better size checking of EBML elements before we read them

Denis Charmet typx at dinauz.org
Mon Feb 23 12:20:19 CET 2015


On Monday 23 February 2015 at 11:18:24, Steve Lhomme wrote:
> Yes, for now it's only checking if it's a finite size, not for a max size.
> I'm not sure a String of SIZE_MAX - 1 (which would be okay in your
> case) would be much better. For example, EbmlBinary has a max valid
> size of 0x7FFFFFFF, whereas SIZE_MAX is 0xFFFFFFFF (on my platform).
> Allocating either size for a string is just crazy.
Say that to the security researchers... I'd rather avoid another drama.
> I'll apply the same safety check in EbmlString of libebml.


Denis Charmet - TypX
A bad attitude is a way of life
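
The distinction discussed in this message, between rejecting only a non-finite size and also enforcing a maximum, shown as an added example that is not code from this thread, libebml or VLC. The function names, the status enum and the 16 MiB cap `kMaxPayload` are assumptions made for illustration.

```cpp
#include <cstddef>
#include <cstdint>

// Hypothetical policy cap for string/binary payloads (an assumption, not a libebml constant).
static const uint64_t kMaxPayload = 16u * 1024 * 1024;

enum SizeStatus { SIZE_OK, SIZE_TRUNCATED, SIZE_INVALID, SIZE_UNKNOWN, SIZE_TOO_LARGE };

// Decode an EBML variable-length size field: the number of leading zero bits in
// the first byte gives the field length (1..8 bytes); the remaining bits hold the
// value. A value with all data bits set is the reserved "unknown size" marker.
SizeStatus ebml_read_size(const uint8_t *buf, size_t avail, uint64_t *out, size_t *len)
{
    if (avail == 0) return SIZE_TRUNCATED;
    if (buf[0] == 0) return SIZE_INVALID;        // would need more than 8 bytes
    size_t n = 1;
    uint8_t mask = 0x80;
    while (!(buf[0] & mask)) { mask >>= 1; ++n; }
    if (avail < n) return SIZE_TRUNCATED;
    uint64_t value = buf[0] & (mask - 1);        // strip the length marker bit
    for (size_t i = 1; i < n; ++i) value = (value << 8) | buf[i];
    *len = n;
    *out = value;
    uint64_t all_ones = (UINT64_C(1) << (7 * n)) - 1;
    return value == all_ones ? SIZE_UNKNOWN : SIZE_OK;
}

// Gate a payload read: the size must be finite, within the policy cap, and no
// larger than the bytes still available in the parent element or file.
SizeStatus check_payload_size(const uint8_t *buf, size_t avail, uint64_t remaining, uint64_t *size)
{
    size_t len = 0;
    SizeStatus st = ebml_read_size(buf, avail, size, &len);
    if (st != SIZE_OK) return st;
    if (*size > kMaxPayload || *size > remaining) return SIZE_TOO_LARGE;
    return SIZE_OK;
}
```

A finite-only check corresponds to stopping after `ebml_read_size` returns `SIZE_OK`; the second function adds the upper bound before any allocation is attempted.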
