Git Inbox Mirror of the ffmpeg-devel mailing list - see https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
 help / color / mirror / Atom feed
From: Pavel Koshevoy <pkoshevoy-at-gmail.com@ffmpeg.org>
To: FFmpeg development discussions and patches <ffmpeg-devel@ffmpeg.org>
Subject: Re: [FFmpeg-devel] [PATCH] avformat/demux: Fix segfault due to avcodec_open2 failure (v2)
Date: Tue, 10 Jun 2025 17:36:14 -0600
Message-ID: <CAJgjuow+1GumirVhceE_ckr=Wk6nKZUO00zDKr019V7LHeJy0w@mail.gmail.com> (raw)
In-Reply-To: <20250610221048.GW29660@pb2>

On Tue, Jun 10, 2025 at 4:11 PM Michael Niedermayer <michael@niedermayer.cc>
wrote:

> Hi Pavel
>
> On Tue, Jun 10, 2025 at 11:27:37AM -0600, Pavel Koshevoy wrote:
> > On Tue, Jun 10, 2025 at 9:29 AM Michael Niedermayer <
> michael@niedermayer.cc>
> [...]
>
> > I have never had any intention of introducing a
> > security vulnerability.
>
> do you agree that the patch should be reverted ?
> (and also the 2 backports of it)
>

No, since I already provided a fix -- I would cherry-pick it to the
release/6.1 and release/7.1 as well, but you do as you wish.



>
>
> > If people want to keep this, it should be behind a flag and
> > > disabled by default.
> >
> >
> > I am not familiar with such flags ... are you suggesting a compile-time
> > flag, or a run-time flag?
> > A runtime flag would be preferable, because that would save me from
> having
> > to cross-compile win64 ffmpeg libs myself.
>
> runtime
>
>
> >
> >
> > Its not enough to fix our code that crashes, other applications
> > > similarly wont expect such id and type changes mid stream
> >
> >
> > IDK how likely a media type change is outside the 1_poc.mp4.
>
> 100% likelyness an exploit of this will use it
>
>
> > The sample
> > files I have don't do that.
>
> Your sample files are not exploits i assume. So obviously
> they dont
>
>
> > I can provide a 61MB clip of one such file, just a few seconds of SDR
> mpeg2
> > video/audio slate followed by a few seconds of HDR10 hevc video and eac3
> > audio... in case someone wants to work on making fftools support this.
>
> This file certainly is valuable and should be added to samples.ffmpeg.org
>
> BUT this security issue needs to be fixed, regardless of
> anyone adding support for such samples
>
> I dont think backporting midstream codec_id/type changes is a good
> idea btw.
>
> IMHO this should all be reverted (its a small 3 line patch)
> and then again start from scratch with review, testing, fuzzing, and
> runtime flag.
>
> PS: The researcher also wants a CVE# for this issue.
>

IDK what this means.



>
> thx
>
> [...]
> --
> Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
>
> What is money laundering? Its paying someone and not telling the
> government.
> _______________________________________________
> ffmpeg-devel mailing list
> ffmpeg-devel@ffmpeg.org
> https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
>
> To unsubscribe, visit link above, or email
> ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".
>
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel

To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".

  reply	other threads:[~2025-06-10 23:37 UTC|newest]

Thread overview: 12+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2025-06-10  3:45 Pavel Koshevoy
2025-06-10 13:38 ` Michael Niedermayer
2025-06-10 14:42   ` Pavel Koshevoy
2025-06-10 15:29     ` Michael Niedermayer
2025-06-10 15:39       ` Pavel Koshevoy
2025-06-10 17:27       ` Pavel Koshevoy
2025-06-10 17:30         ` Nicolas George
2025-06-10 17:54           ` Pavel Koshevoy
2025-06-10 22:10         ` Michael Niedermayer
2025-06-10 23:36           ` Pavel Koshevoy [this message]
2025-06-11 10:14             ` Michael Niedermayer
2025-06-11 15:51             ` Michael Niedermayer

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CAJgjuow+1GumirVhceE_ckr=Wk6nKZUO00zDKr019V7LHeJy0w@mail.gmail.com' \
    --to=pkoshevoy-at-gmail.com@ffmpeg.org \
    --cc=ffmpeg-devel@ffmpeg.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Git Inbox Mirror of the ffmpeg-devel mailing list - see https://ffmpeg.org/mailman/listinfo/ffmpeg-devel

This inbox may be cloned and mirrored by anyone:

	git clone --mirror https://master.gitmailbox.com/ffmpegdev/0 ffmpegdev/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 ffmpegdev ffmpegdev/ https://master.gitmailbox.com/ffmpegdev \
		ffmpegdev@gitmailbox.com
	public-inbox-index ffmpegdev

Example config snippet for mirrors.


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git