Hi Tomas
On Thu, May 28, 2026 at 10:41:05PM +0200, Tomas Härdin via ffmpeg-devel wrote:
> tor 2026-05-21 klockan 19:23 +0000 skrev michaelni via ffmpeg-devel:
> > @@ -1438,12 +1438,12 @@ static int mxf_read_generic_descriptor(void
> > *arg, AVIOContext *pb, int tag, int
> > break;
> > default:
> > /* Private uid used by SONY C0023S01.mxf */
> > - if (IS_KLV_KEY(uid, mxf_sony_mpeg4_extradata)) {
> > + if (IS_KLV_KEY(uid, mxf_sony_mpeg4_extradata) && size <=
> > INT_MAX - AV_INPUT_BUFFER_PADDING_SIZE) {
>
> Did the "AI" tell you to add this useless check? All descriptors we
> support use 2-byte lengths due to byte 5 of the UID being 0x53, and I'm
> reasonably sure we assume int is >= 32 bits. See section 9.3 of S377mThe security report contained this as part of the suggested change and we failed to detect it. Its an example why these AI generated reports are such a pain. Fix is here: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/23269 thx -- Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB Old school: Use the lowest level language in which you can solve the problem conveniently. New school: Use the highest level language in which the latest supercomputer can solve the problem without the user falling asleep waiting.
signature.asc
Description: PGP signature
_______________________________________________ ffmpeg-devel mailing list -- [email protected] To unsubscribe send an email to [email protected]
