Closed Bug 1184396 Opened 7 years ago Closed 6 years ago

OpenH264: ASan global-buffer-overflow in WelsDec::CavlcGetTrailingOnesAndTotalCoeff

Categories

(External Software Affecting Firefox :: OpenH264, defect)

defect
Not set
normal

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: tsmith, Unassigned)

References

(Blocks 1 open bug)

Details

(Keywords: csectype-bounds, sec-critical, testcase)

Attachments

(2 files, 1 obsolete file)

Attached file call_stack.txt (obsolete) —
No description provided.
Assignee: infra → nobody
Group: mozilla-employee-confidential → core-security
Component: Infrastructure: OpenVPN → OpenH264
Product: Infrastructure & Operations → Plugins
QA Contact: jdow
Version: other → unspecified
Attached file test_case.264
Depends on: 1170319
This bug has been fixed in the latest version of openh264 master branch.
Attached file call_stack_f30ad4e.txt
This issue is still reproducible with https://github.com/cisco/openh264/commit/f30ad4e512e84a1376f5223f9a450c075e0b0df9
Attachment #8634494 - Attachment is obsolete: true
This doesn't affect the v1.4-Firefox38 branch.
Status: NEW → RESOLVED
Closed: 6 years ago
Resolution: --- → FIXED
Group: core-security → core-security-release
Group: core-security-release
You need to log in before you can comment on or make changes to this bug.