oss-sec mailing list archives
Re: Re: ffmpeg afl bugs
From: cookieopfer () gmx net
Date: Mon, 26 Sep 2016 03:03:16 +0200
Have fun with ffmpeg-h264-call-stack-overflow.mp4Perhaps you meant to share this file with this community?
yes, I forgot to mention it is in /usr/share/doc/afl/vuln_samples/ffmpeg-h264-call-stack-overflow.mp4
Hmm... I think that docs/vuln_samples/ffmpeg-h264-call-stack-overflow.mp4 is just a sample file that comes with AFL (and dates back to December 2014). I doubt it still crashes anything
see above! not crashing, but: "overread end of atom 'stsd' by 4294967134 bytes"
and I'm not sure what the original reporter was trying to say. /mz
I just can't fix it further on this machine, so I only could post the trace. Also thanks for afl-fuzz!
Attachment:
ffmpeg-h264-call-stack-overflow.mp4
Description:
Current thread:
- ffmpeg afl bugs cookieopfer (Sep 25)
- Re: ffmpeg afl bugs Solar Designer (Sep 25)
- Re: ffmpeg afl bugs Michal Zalewski (Sep 25)
- Re: Re: ffmpeg afl bugs cookieopfer (Sep 25)
- Re: Re: ffmpeg afl bugs cookieopfer (Sep 26)
- Re: ffmpeg afl bugs Michal Zalewski (Sep 25)
- Re: ffmpeg afl bugs cve-assign (Sep 25)
- Re: Re: ffmpeg afl bugs Hanno Böck (Sep 26)
- Re: ffmpeg afl bugs Solar Designer (Sep 25)