Closed Bug 1197888 Opened 9 years ago Closed 9 years ago

OpenH264: heap-buffer-overflow [@WelsDec::PrefetchPic]

Categories

(Core :: Audio/Video: GMP, defect)

Product:
Core
Component:
Audio/Video: GMP
Platform:
x86
Linux
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

()

Status:
RESOLVED FIXED

People

(Reporter: tsmith, Unassigned)

References

(Blocks 1 open bug)

Details

(4 keywords)

Attachments

(2 files)

call_stack.txt
4.86 KB, text/plain
Details
test_case.264
260 bytes, application/octet-stream
Details 
      No description provided.
Attached file call_stack.txt 

    
    

    
  

      
      
      
      

        Attached file
          
        test_case.264
      

    


  

    
  
Depends on: 1170319

    
  
Summary: OpenH264: heap-buffer-overflow [@OpeWelsDec::PrefetchPic] → OpenH264: heap-buffer-overflow [@WelsDec::PrefetchPic]
Keywords: sec-high

    
    

    
  
This is reproducible on the v1.4-Firefox38 branch with a 32-bit build

    
    

    
  
We're fixing it now. Thanks.

    
  
Group: core-security → media-core-security

    
    

    
  
Verified with https://github.com/cisco/openh264/commit/5373b8a3aad243245c56e964efa8380ab1fcc44d
Status: NEW → RESOLVED
Closed: 9 years ago
Resolution: --- → FIXED
Group: media-core-security → core-security-release
Group: core-security-release
Component: OpenH264 → Audio/Video: GMP
Product: External Software Affecting Firefox → Core

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: