On Wed, Aug 6, 2014 at 10:09 AM, Vittorio Giovara <[email protected]> wrote: > Being CDG_HEADER_SIZE bigger than CDG_MINIMUM_PKT_SIZE, > this patch fixes out one out of bound array access. > > CC: [email protected] > Bug-Id: CVE-2013-3674 > Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind > --- > I reworked the patch, expanding the initial sanity check. > Comments welcome. > Vittorio
Nevermind, this adds checks on the lower bound while the problem is on the upper one, patch dropped. Vittorio _______________________________________________ libav-devel mailing list [email protected] https://lists.libav.org/mailman/listinfo/libav-devel
