On Tue, Mar 26, 2019 at 01:38:14PM +0100, Carl Eugen Hoyos wrote: > Hi! > > Attached patch intends to fix a buffer overwrite reported today. > > Please comment, Carl Eugen
> bmp.c | 5 ++++- > 1 file changed, 4 insertions(+), 1 deletion(-) > ab9b89481fc3c93d4a631fb1d6b25dddbdd4bb50 > 0001-lavc-bmp-Avoid-a-heap-buffer-overwrite-for-1bpp-inpu.patch > From bd0dfa740f879eca6b13bb841e3b8d37718460ea Mon Sep 17 00:00:00 2001 > From: Carl Eugen Hoyos <ceffm...@gmail.com> > Date: Tue, 26 Mar 2019 13:32:11 +0100 > Subject: [PATCH] lavc/bmp: Avoid a heap buffer overwrite for 1bpp input. > > Found by Mingi Cho, Seoyoung Kim, and Taekyoung Kwon > of the Information Security Lab, Yonsei University. > --- > libavcodec/bmp.c | 5 ++++- > 1 file changed, 4 insertions(+), 1 deletion(-) LGTM thx [...] -- Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB The educated differ from the uneducated as much as the living from the dead. -- Aristotle
signature.asc
Description: PGP signature
_______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
