[vlc-devel] CVE-2019-13602 Heap Based Buffer Overflow Vulnerability

Francois Cartegnie fcvlcdev at free.fr
Tue Jul 16 20:24:35 CEST 2019

Le 16/07/2019 à 19:46, Rémi Denis-Courmont a écrit :
>> You obviously know that block_t w/padding (for frames) will not stay there.
> I have no clue what you are on about. I have no insights into the frame work, 
> since somebody is doing it, and I do not see why the padding would be any more 
> or less needed with frames than blocks.
>> And really want to see a troll here ?
>> Using "Also smart asses" means the "other" isn't because otherwise if he
>> knew he wouldn't have pointed the issue.
> AFAIK, the only smart ass that remembered block padding is me.

Or maybe you're more than 10 hours late.

Surprisingly when other ppl submit patches for similar case no one tells

>> I see disrespect (you would call it other way) to another dev.
> Eh, remind me who wrote the original bug that led to a CVE, and then claimed 
> that somebody else introduced a CVE-worthy bug?

I'm not the one opening CVE before the fix can be distributed.

Francois Cartegnie
VideoLAN - VLC Developer

More information about the vlc-devel mailing list