oss-sec mailing list archives

Re: mp3gain: NULL pointer dereference in sync_buffer (mpglibDBL/interface.c)

From: "Dr. Thomas Orgis" <thomas.orgis () uni-hamburg de>
Date: Thu, 14 Sep 2017 09:26:15 +0200

Hi Agostino,

thanks for pointing out that mp3gain is yet another user of an outdated
fork of mpg123 code. But this time with a twist: This again seems to be
a lifted version of the modified mpg123 code from Lame! A forked fork.

I'll have a look if I can rip that mpglib out of mp3gain and provide a
patch that uses an up-to-date libmpg123 for parsing instead. This would
perhaps be a better path forward for distros than to remove the
vulnerable mp3gain altogether.

An impressive list of vulnerabilities you have there … perhaps some
specific to mp3gain's modifications, but I guess the overflows in
layer3.c are well-known already from mpg123 and Lame.


Alrighty then,

Thomas

-- 
Dr. Thomas Orgis
Universität Hamburg
RRZ / Basisinfrastruktur / HPC
Schlüterstr. 70
20146 Hamburg
Tel.: 040/42838 8826
Fax: 040/428 38 6270

Attachment: smime.p7s
Description:

Current thread:

mp3gain: NULL pointer dereference in sync_buffer (mpglibDBL/interface.c) Agostino Sarubbo (Sep 14)
- Re: mp3gain: NULL pointer dereference in sync_buffer (mpglibDBL/interface.c) Simon McVittie (Sep 14)
  - Re: mp3gain: NULL pointer dereference in sync_buffer (mpglibDBL/interface.c) Agostino Sarubbo (Sep 14)
    - Re: mp3gain: NULL pointer dereference in sync_buffer (mpglibDBL/interface.c) Dr. Thomas Orgis (Sep 14)
    - Re: mp3gain: NULL pointer dereference in sync_buffer (mpglibDBL/interface.c) Agostino Sarubbo (Sep 14)
- Re: mp3gain: NULL pointer dereference in sync_buffer (mpglibDBL/interface.c) Dr. Thomas Orgis (Sep 14)