
Re: wheezy update for libav



On Fri, Jan 06, 2017 at 11:32:49AM +0100, Hugo Lefeuvre wrote:
> 
> Could you summarize for us the status of your work on the 0.8 branch?

I'm in the process of releasing 0.8.19 this morning. Once the automated
tests finish and the build bot prepares the tarballs, I'll put out the
release.

> I've had a look at the new CVEs reported for libav. I managed to
> reproduce CVE-2016-98{21,22} (avconv crashes with segfault), but
> cherry picking the fix[0,1,2] for these issues doesn't seem to fix
> the problem.
> 
> I'll try to patch it.
> 
> Also, the error messages I get for these issues are not the same as
> those mentioned on the CVE report.

I'll look into it this afternoon.

> I have also tried to reproduce CVE-2016-98{19,20,23,24,25,26}, but
> I am not getting the same error messages as those mentioned on the
> CVE report. No segfault. Instead, avconv is just ending with error
> messages like "Error at MB: 0", or "Error while decoding stream #0:0",
> which doesn't help me to determine whether this behavior is normal or
> not.

These messages mean that avconv bails out and refuses to process the
file further. Given that these are probably samples artificially broken
via fuzzing, this is the correct behavior. It might also mean that
these CVEs are bogus. I've had the very same problem with some reports
on our Bugzilla lately. Try as I might, I could not reproduce the
reported crashes.

Diego
