Security issue: FLAC exploits

Widely publicized problems with libFLAC. Needs investigation. Probably concerns both ffmeg and flac plugins.

added Component::Decoders Severity::critical Type::bug + 1 deleted label

changed milestone to %0.9.0 features freeze

Contribs for trunk and branch are up to date with libFLAC 1.2.1, which isn't affected.

assigned to @jbk and unassigned @MigrationBot

Should this be closed or??

if i understand correctly the ticket, one would have to check that vlc flac demuxer is not subject to these vulnerabilities

more details on http://securitytracker.com/alerts/2007/Nov/1018974.html

there is 14 vulnerabilities:

#1 (closed) doesn't apply since we don't edit flac metadata #2 (closed) would apply when editing vorbis metadata, it's done by taglib and i hope it will check that the buffer isn't too large / verify that the size is correct (i won't check taglib i'm not a security expert) #3 (closed) "This is due to most applications reading data until they encounter a NULL byte." vorbis reading is made by taglib #4 length of picture mime type field is properly checked: if( i_data < i_len + 4 ) #5 (closed) we don't save pictures in flac #6 (closed) Picture Dimension Size Heap Overflow. it is a problem of image rendering software #7 (closed) #8 (closed) #9 (closed) .... this is all the same, i.e. trusting packet len and not checking it, and we don't do that. #10 (closed) we don't implement that #11 (closed) same

someone still has to check #12 (closed) #13 (closed) and #14 (closed)

assigned to @fenrir and unassigned @jbk

added Status::fixed label

closed