Skip to content
GitLab
Commit aa1c813c authored by Vignesh Venkatasubramanian's avatar Vignesh Venkatasubramanian
Browse files

vp9: Fix potential SEGV in decoder_peek_si_internal 

decoder_peek_si_internal could potentially read more bytes than
what actually exists in the input buffer. We check for the buffer
size to be at least 8, but we try to read up to 10 bytes in the
worst case. A well crafted file could thus cause a segfault.
Likely change that introduced this bug was:
https://chromium-review.googlesource.com/#/c/70439 (git hash:
7c43fb67)

BUG=chromium:621095

Change-Id: Id74880cfdded44caaa45bbdbaac859c09d3db752
parent b3933e2d
v1.14.0-linphone feature/update_to_v1.9.0-linphone feature/uwp_nuget khakicampbell linphone-android longtailedduck m54-2840 m56-2924 m66-3359 m68-3440 mandarinduck sandbox/wangch@google.com/vp9 v1.12.0-linphone v1.6.1_linphone v1.7.0-linphone v1.9.0-linphone v1.9.0 v1.9.0-rc1 v1.8.2 v1.8.1 v1.8.0 v1.7.0 v1.6.1 v1.6.0
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 48 additions and 5 deletions
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment