search

xiph / daala

Modern video compression for the internet
https://xiph.org/daala/
BSD 2-Clause "Simplified" License
544 stars 102 forks source link

heap-buffer-overflow in od_post_filter4 #212

Open tysmith opened 8 years ago

tysmith commented 8 years ago

Found running commit 4633b8105 Built with AddressSanitizer

To reproduce run: ./dump_video test_case.ogv

READ of size 4 at 0x63400005e804 thread T0
    #0 0x51467a in od_post_filter4 src/filter.c:203:16
    #1 0x51467a in od_apply_postfilter_frame_sbs src/filter.c:1603
    #2 0x4f66d6 in od_decode_coefficients src/decode.c:989:7
    #3 0x4f66d6 in daala_decode_packet_in src/decode.c:1204
    #4 0x4ec2de in main examples/dump_video.c:426:13
    #5 0x7f7c8683a82f in __libc_start_main /build/glibc-GKVZIf/glibc-2.23/csu/../csu/libc-start.c:291
    #6 0x418f98 in _start (dump_video+0x418f98)

test_case.ogv.zip