259389 – media-video/gpac-0.4.5: MP4Box buffer overflow

Bug 259389 - media-video/gpac-0.4.5: MP4Box buffer overflow

Summary: media-video/gpac-0.4.5: MP4Box buffer overflow

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	New packages (show other bugs)
Hardware:	AMD64 Linux

Importance:	High normal (vote)
Assignee:	Gentoo Media-video project

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2009-02-17 18:17 UTC by Avuton Olrich
Modified:	2009-12-19 11:16 UTC (History)
CC List:	2 users (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
paludis --info (tmp,12.12 KB, text/plain) 2009-02-17 18:17 UTC, Avuton Olrich	Details
The corefile and the binary. (core+mp4box.tar.bz2,1.27 MB, text/plain) 2009-02-18 22:10 UTC, Avuton Olrich	Details
The /root/.gconf/apps/ogmrip/profiles directory. (profiles.tar.bz2,1.23 KB, text/plain) 2009-02-18 22:11 UTC, Avuton Olrich	Details
Try two info (paludis --info media-video/gpac) (info,21.07 KB, text/plain) 2009-02-19 16:09 UTC, Avuton Olrich	Details
gpac use/error/emerge --info (nouveau fichier,12.87 KB, text/plain) 2009-02-20 15:03 UTC, Andy Pettinger	Details
memset with the correct size (gpac-chpl-overflow.patch,613 bytes, patch) 2009-07-31 01:22 UTC, Daniel Gryniewicz (RETIRED)	Details \| Diff
Show Obsolete (1) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Avuton Olrich 2009-02-17 18:17:02 UTC

Use flags:               (a52) (aac) (alsa) (amr) (-debug) (ffmpeg) (ipv6) (-jack) (-javascript) (jpeg) (jpeg2k) (mad) (ogg) (opengl) (-oss) (png) (pulseaudio) (sdl) (ssl) (theora) (truetype) (vorbis) (-wxwindows) (xml) (xvid)

ogmrip shows a buffer overflow:

======= Backtrace: =========
/lib/libc.so.6(__fortify_fail+0x32)[0x7f2f6ae453a2]
/lib/libc.so.6[0x7f2f6ae43370]
/usr/lib/libgpac.so(chpl_New+0x27)[0x7f2f6b81f187]
/usr/lib/libgpac.so(gf_isom_add_chapter+0x188)[0x7f2f6b843131]
/usr/lib/libgpac.so(gf_media_import_chapters+0x884)[0x7f2f6b8882e2]
MP4Box[0x40ab43]
/lib/libc.so.6(__libc_start_main+0xf4)[0x7f2f6ad895e4]
MP4Box[0x4072c9]
======= Memory map: ========
00400000-00429000 r-xp 00000000 08:02 407477204                          /usr/bin/MP4Box
00628000-00629000 r--p 00028000 08:02 407477204                          /usr/bin/MP4Box
00629000-0062a000 rw-p 00029000 08:02 407477204                          /usr/bin/MP4Box
016b7000-021ef000 rw-p 016b7000 00:00 0                                  [heap]
40cd3000-40cd5000 rwxp 00000000 00:0c 2999                               /dev/zero
7f2f6678e000-7f2f6678f000 rw-p 7f2f6678e000 00:00 0
7f2f6678f000-7f2f66a3c000 rw-p 7f2f67043000 00:00 0
7f2f67315000-7f2f6731a000 r-xp 00000000 08:02 342                        /usr/lib64/libXdmcp.so.6.0.0
7f2f6731a000-7f2f67519000 ---p 00005000 08:02 342                        /usr/lib64/libXdmcp.so.6.0.0
7f2f67519000-7f2f6751a000 r--p 00004000 08:02 342                        /usr/lib64/libXdmcp.so.6.0.0
7f2f6751a000-7f2f6751b000 rw-p 00005000 08:02 342                        /usr/lib64/libXdmcp.so.6.0.0
7f2f6751b000-7f2f67530000 r-xp 00000000 08:02 275724979                  /lib64/libgcc_s.so.1
7f2f67530000-7f2f6772f000 ---p 00015000 08:02 275724979                  /lib64/libgcc_s.so.1
7f2f6772f000-7f2f67730000 r--p 00014000 08:02 275724979                  /lib64/libgcc_s.so.1
7f2f67730000-7f2f67731000 rw-p 00015000 08:02 275724979                  /lib64/libgcc_s.so.1
7f2f67731000-7f2f67818000 r-xp 00000000 08:02 275724933                  /usr/lib64/gcc/x86_64-pc-linux-gnu/4.3.3/libstdc++.so.6.0.10
7f2f67818000-7f2f67a18000 ---p 000e7000 08:02 275724933                  /usr/lib64/gcc/x86_64-pc-linux-gnu/4.3.3/libstdc++.so.6.0.10
7f2f67a18000-7f2f67a1f000 r--p 000e7000 08:02 275724933                  /usr/lib64/gcc/x86_64-pc-linux-gnu/4.3.3/libstdc++.so.6.0.10
7f2f67a1f000-7f2f67a21000 rw-p 000ee000 08:02 275724933                  /usr/lib64/gcc/x86_64-pc-linux-gnu/4.3.3/libstdc++.so.6.0.10
7f2f67a21000-7f2f67a34000 rw-p 7f2f67a21000 00:00 0
7f2f67a34000-7f2f67a4f000 r-xp 00000000 08:02 276040                     /usr/lib64/libxcb.so.1.0.0
7f2f67a4f000-7f2f67c4e000 ---p 0001b000 08:02 276040                     /usr/lib64/libxcb.so.1.0.0
7f2f67c4e000-7f2f67c4f000 r--p 0001a000 08:02 276040                     /usr/lib64/libxcb.so.1.0.0
7f2f67c4f000-7f2f67c50000 rw-p 0001b000 08:02 276040                     /usr/lib64/libxcb.so.1.0.0
7f2f67c50000-7f2f67c51000 r-xp 00000000 08:02 276044                     /usr/lib64/libxcb-xlib.so.0.0.0
7f2f67c51000-7f2f67e50000 ---p 00001000 08:02 276044                     /usr/lib64/libxcb-xlib.so.0.0.0
7f2f67e50000-7f2f67e51000 r--p 00000000 08:02 276044                     /usr/lib64/libxcb-xlib.so.0.0.0
7f2f67e51000-7f2f67e52000 rw-p 00001000 08:02 276044                     /usr/lib64/libxcb-xlib.so.0.0.0
7f2f67e52000-7f2f67e54000 r-xp 00000000 08:02 134218122                  /usr/lib64/libXau.so.6.0.0
7f2f67e54000-7f2f68053000 ---p 00002000 08:02 134218122                  /usr/lib64/libXau.so.6.0.0
7f2f68053000-7f2f68054000 r--p 00001000 08:02 134218122                  /usr/lib64/libXau.so.6.0.0
7f2f68054000-7f2f68055000 rw-p 00002000 08:02 134218122                  /usr/lib64/libXau.so.6.0.0
7f2f68055000-7f2f6805a000 r-xp 00000000 08:02 402731116                  /usr/lib64/libXxf86vm.so.1.0.0
7f2f6805a000-7f2f68259000 ---p 00005000 08:02 402731116                  /usr/lib64/libXxf86vm.so.1.0.0
7f2f68259000-7f2f6825a000 r--p 00004000 08:02 402731116                  /usr/lib64/libXxf86vm.so.1.0.0
7f2f6825a000-7f2f6825b000 rw-p 00005000 08:02 402731116                  /usr/lib64/libXxf86vm.so.1.0.0
7f2f6825b000-7f2f682c4000 r-xp 00000000 08:02 408276991                  /usr/lib64/libGLU.so.1.3.070300
7f2f682c4000-7f2f684c3000 ---p 00069000 08:02 408276991                  /usr/lib64/libGLU.so.1.3.070300
7f2f684c3000-7f2f684c5000 r--p 00068000 08:02 408276991                  /usr/lib64/libGLU.so.1.3.070300
7f2f684c5000-7f2f684c6000 rw-p 0006a000 08:02 408276991                  /usr/lib64/libGLU.so.1.3.070300
7f2f684c6000-7f2f685bf000 r-xp 00000000 08:02 848761                     /usr/lib64/libX11.so.6.2.0
7f2f685bf000-7f2f687bf000 ---p 000f9000 08:02 848761                     /usr/lib64/libX11.so.6.2.0
7f2f687bf000-7f2f687c0000 r--p 000f9000 08:02 848761                     /usr/lib64/libX11.so.6.2.0
7f2f687c0000-7f2f687c5000 rw-p 000fa000 08:02 848761                     /usr/lib64/libX11.so.6.2.0
7f2f687c5000-7f2f687d5000 r-xp 00000000 08:02 278                        /usr/lib64/libXext.so.6.4.0
7f2f687d5000-7f2f689d4000 ---p 00010000 08:02 278                        /usr/lib64/libXext.so.6.4.0
7f2f689d4000-7f2f689d5000 r--p 0000f000 08:02 278                        /usr/lib64/libXext.so.6.4.0
7f2f689d5000-7f2f689d6000 rw-p 00010000 08:02 278                        /usr/lib64/libXext.so.6.4.0
7f2f689d6000-7f2f69776000 r-xp 00000000 08:02 53385095                   /usr/lib64/opengl/nvidia/lib/libGLcore.so.180.29
7f2f69776000-7f2f69875000 ---p 00da0000 08:02 53385095                   /usr/lib64/opengl/nvidia/lib/libGLcore.so.180.29
7f2f69875000-7f2f69cac000 rwxp 00d9f000 08:02 53385095                   /usr/lib64/opengl/nvidia/lib/libGLcore.so.180.29
7f2f69cac000-7f2f69cbe000 rwxp 7f2f69cac000 00:00 0
7f2f69cbe000-7f2f69cc0000 r-xp 00000000 08:02 293632292                  /lib64/libdl-2.9.so
7f2f69cc0000-7f2f69ec0000 ---p 00002000 08:02 293632292                  /lib64/libdl-2.9.so
7f2f69ec0000-7f2f69ec1000 r--p 00002000 08:02 293632292                  /lib64/libdl-2.9.so
7f2f69ec1000-7f2f69ec2000 rw-p 00003000 08:02 293632292                  /lib64/libdl-2.9.so
7f2f69ec2000-7f2f69ed8000 r-xp 00000000 08:02 293632301                  /lib64/libpthread-2.9.so
7f2f69ed8000-7f2f6a0d7000 ---p 00016000 08:02 293632301                  /lib64/libpthread-2.9.so
7f2f6a0d7000-7f2f6a0d8000 r--p 00015000 08:02 293632301                  /lib64/libpthread-2.9.so
7f2f6a0d8000-7f2f6a0d9000 rw-p 00016000 08:02 293632301                  /lib64/libpthread-2.9.so
7f2f6a0d9000-7f2f6a0dd000 rw-p 7f2f6a0d9000 00:00 0
7f2f6a0dd000-7f2f6a100000 r-xp 00000000 08:02 269015984                  /usr/lib64/libpng12.so.0.34.0
7f2f6a100000-7f2f6a2ff000 ---p 00023000 08:02 269015984                  /usr/lib64/libpng12.so.0.34.0
7f2f6a2ff000-7f2f6a300000 r--p 00022000 08:02 269015984                  /usr/lib64/libpng12.so.0.34.0
7f2f6a300000-7f2f6a301000 rw-p 00023000 08:02 269015984                  /usr/lib64/libpng12.so.0.34.0
7f2f6a301000-7f2f6a322000 r-xp 00000000 08:02 402798342                  /usr/lib64/libjpeg.so.62.0.0
7f2f6a322000-7f2f6a521000 ---p 00021000 08:02 402798342                  /usr/lib64/libjpeg.so.62.0.0
7f2f6a521000-7f2f6a522000 r--p 00020000 08:02 402798342                  /usr/lib64/libjpeg.so.62.0.0
7f2f6a522000-7f2f6a523000 rw-p 00021000 08:02 402798342                  /usr/lib64/libjpeg.so.62.0.0
7f2f6a523000-7f2f6a673000 r-xp 00000000 08:02 8182521                    /usr/lib64/libcrypto.so.0.9.8
7f2f6a673000-7f2f6a873000 ---p 00150000 08:02 8182521                    /usr/lib64/libcrypto.so.0.9.8
7f2f6a873000-7f2f6a881000 r--p 00150000 08:02 8182521                    /usr/lib64/libcrypto.so.0.9.8
7f2f6a881000-7f2f6a899000 rw-p 0015e000 08:02 8182521                    /usr/lib64/libcrypto.so.0.9.8
7f2f6a899000-7f2f6a89d000 rw-p 7f2f6a899000 00:00 0
7f2f6a89d000-7f2f6a8e3000 r-xp 00000000 08:02 8182524                    /usr/lib64/libssl.so.0.9.8
7f2f6a8e3000-7f2f6aae2000 ---p 00046000 08:02 8182524                    /usr/lib64/libssl.so.0.9.8
7f2f6aae2000-7f2f6aae4000 r--p 00045000 08:02 8182524                    /usr/lib64/libssl.so.0.9.8
7f2f6aae4000-7f2f6aaea000 rw-p 00047000 08:02 8182524                    /usr/lib64/libssl.so.0.9.8
7f2f6aaea000-7f2f6ab6a000 r-xp 00000000 08:02 293632288                  /lib64/libm-2.9.so
7f2f6ab6a000-7f2f6ad69000 ---p 00080000 08:02 293632288                  /lib64/libm-2.9.so
7f2f6ad69000-7f2f6ad6a000 r--p 0007f000 08:02 293632288                  /lib64/libm-2.9.so
7f2f6ad6a000-7f2f6ad6b000 rw-p 00080000 08:02 293632288                  /lib64/libm-2.9.so
7f2f6ad6b000-7f2f6aeaa000 r-xp 00000000 08:02 293632321                  /lib64/libc-2.9.so
7f2f6aeaa000-7f2f6b0aa000 ---p 0013f000 08:02 293632321                  /lib64/libc-2.9.so
7f2f6b0aa000-7f2f6b0ae000 r--p 0013f000 08:02 293632321                  /lib64/libc-2.9.so
7f2f6b0ae000-7f2f6b0af000 rw-p 00143000 08:02 293632321                  /lib64/libc-2.9.so
7f2f6b0af000-7f2f6b0b4000 rw-p 7f2f6b0af000 00:00 0
7f2f6b0b4000-7f2f6b0f0000 r-xp 00000000 08:02 269017383                  /usr/lib64/libglut.so.3.8.0
7f2f6b0f0000-7f2f6b2f0000 ---p 0003c000 08:02 269017383                  /usr/lib64/libglut.so.3.8.0
7f2f6b2f0000-7f2f6b2f3000 r--p 0003c000 08:02 269017383                  /usr/lib64/libglut.so.3.8.0
7f2f6b2f3000-7f2f6b2f8000 rw-p 0003f000 08:02 269017383                  /usr/lib64/libglut.so.3.8.0
7f2f6b2f8000-7f2f6b2f9000 rw-p 7f2f6b2f8000 00:00 0
7f2f6b2f9000-7f2f6b39d000 r-xp 00000000 08:02 53385091                   /usr/lib64/opengl/nvidia/lib/libGL.so.180.29
7f2f6b39d000-7f2f6b49d000 ---p 000a4000 08:02 53385091                   /usr/lib64/opengl/nvidia/lib/libGL.so.180.29
7f2f6b49d000-7f2f6b4d5000 rwxp 000a4000 08:02 53385091                   /usr/lib64/opengl/nvidia/lib/libGL.so.180.29
7f2f6b4d5000-7f2f6b4eb000 rwxp 7f2f6b4d5000 00:00 0
7f2f6b4eb000-7f2f6b4ff000 r-xp 00000000 08:02 134654061                  /lib64/libz.so.1.2.3
7f2f6b4ff000-7f2f6b6fe000 ---p 00014000 08:02 134654061                  /lib64/libz.so.1.2.3
7f2f6b6fe000-7f2f6b6ff000 r--p 00013000 08:02 134654061                  /lib64/libz.so.1.2.3
7f2f6b6ff000-7f2f6b700000 rw-p 00014000 08:02 134654061                  /lib64/libz.so.1.2.3
7f2f6b700000-7f2f6b9eb000 r-xp 00000000 08:02 9155704                    /usr/lib64/libgpac-0.4.5.so
7f2f6b9eb000-7f2f6bbea000 ---p 002eb000 08:02 9155704                    /usr/lib64/libgpac-0.4.5.so
7f2f6bbea000-7f2f6bbef000 r--p 002ea000 08:02 9155704                    /usr/lib64/libgpac-0.4.5.so
7f2f6bbef000-7f2f6bbf8000 rw-p 002ef000 08:02 9155704                    /usr/lib64/libgpac-0.4.5.so
7f2f6bbf8000-7f2f6bbfb000 rw-p 7f2f6bbf8000 00:00 0
7f2f6bbfb000-7f2f6bc17000 r-xp 00000000 08:02 293632322                  /lib64/ld-2.9.so
7f2f6bcd9000-7f2f6bce0000 rw-p 7f2f6bcd9000 00:00 0
7f2f6bce0000-7f2f6bce1000 r-xp 00000000 08:02 272932233                  /usr/lib64/opengl/nvidia/tls/libnvidia-tls.so.180.29
7f2f6bce1000-7f2f6bde1000 ---p 00001000 08:02 272932233                  /usr/lib64/opengl/nvidia/tls/libnvidia-tls.so.180.29
7f2f6bde1000-7f2f6bde2000 rw-p 00001000 08:02 272932233                  /usr/lib64/opengl/nvidia/tls/libnvidia-tls.so.180.29
7f2f6bde2000-7f2f6bde6000 rw-p 7f2f6bde2000 00:00 0
7f2f6bde7000-7f2f6bde8000 rw-p 7f2f6bde7000 00:00 0
7f2f6bde9000-7f2f6be16000 rw-p 7f2f6bde9000 00:00 0
7f2f6be16000-7f2f6be17000 r--p 0001b000 08:02 293632322                  /lib64/ld-2.9.so
7f2f6be17000-7f2f6be18000 rw-p 0001c000 08:02 293632322                  /lib64/ld-2.9.so
7fff73deb000-7fff73e18000 rwxp 7ffffffd2000 00:00 0                      [stack]
7fff73fff000-7fff74000000 r-xp 7fff73fff000 00:00 0                      [vdso]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0                  [vsyscall]

Comment 1 Avuton Olrich 2009-02-17 18:17:23 UTC

Created attachment 182355 [details]
paludis --info

Comment 2 Wormo (RETIRED) gentoo-dev

2009-02-18 20:28:07 UTC

Thanks for the report. Do you have a test case to help developers reproduce this bug?

Comment 3 Jeroen Roovers (RETIRED) gentoo-dev

2009-02-18 21:49:54 UTC

Comment on attachment 182355 [details]
paludis --info

paludis --info isn't like emerge --info

Comment 4 Avuton Olrich 2009-02-18 22:09:45 UTC

I don't have a testcase, though this is totally reproducable here. Here's a probably better bittrace.

#0  0x00007fbc6945f1e5 in *__GI_raise (sig=<value optimized out>) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
#1  0x00007fbc69460703 in *__GI_abort () at abort.c:88
#2  0x00007fbc6949a998 in __libc_message (do_abort=2, fmt=0x7fbc6954a2a2 "*** %s ***: %s terminated\n") at ../sysdeps/unix/sysv/linux/libc_fatal.c:170
#3  0x00007fbc69511d97 in *__GI___fortify_fail (msg=0x7fbc6954a262 "buffer overflow detected") at fortify_fail.c:32
#4  0x00007fbc6950fb70 in *__GI___chk_fail () at chk_fail.c:29
#5  0x00007fbc69eed187 in chpl_New () at /usr/include/bits/string3.h:85
#6  0x00007fbc69f11131 in gf_isom_add_chapter (movie=<value optimized out>, trackNumber=<value optimized out>, timestamp=0, name=0x7fff724bbd80 "Chapter 02")
    at isomedia/isom_write.c:1660
#7  0x00007fbc69f562e2 in gf_media_import_chapters (file=0x1ac7660, chap_file=<value optimized out>, import_fps=0) at media_tools/isom_tools.c:933
#8  0x000000000040ab43 in main (argc=<value optimized out>, argv=<value optimized out>) at main.c:2679

I'll attach the created binary, the core and the profiles directory.

Comment 5 Avuton Olrich 2009-02-18 22:10:19 UTC

Created attachment 182481 [details]
The corefile and the binary.

Comment 6 Avuton Olrich 2009-02-18 22:11:06 UTC

Created attachment 182483 [details]
The /root/.gconf/apps/ogmrip/profiles directory.

Comment 7 Avuton Olrich 2009-02-18 22:11:48 UTC

I should mention that I run ogmrip as root as it's completely not working with non-superuser at the moment (separate issue).

Comment 8 Jeroen Roovers (RETIRED) gentoo-dev

2009-02-18 22:27:59 UTC

(In reply to comment #7)
> I should mention that I run ogmrip as root as it's completely not working with
> non-superuser at the moment (separate issue).

Please file a new bug report for that problem.

Comment 9 Jeroen Roovers (RETIRED) gentoo-dev

2009-02-18 22:30:55 UTC

And please post your `emerge --info' too.

Comment 10 Avuton Olrich 2009-02-19 16:09:01 UTC

Created attachment 182556 [details]
Try two info (paludis --info media-video/gpac)

As stated yesterday on gentoo-dev, if I gave my emerge --info it would be much outdated. If this info information isn't acceptable please tell me what is necessary.

Comment 11 Andy Pettinger 2009-02-20 15:03:06 UTC

Created attachment 182666 [details]
gpac use/error/emerge --info

same problem with using gpac itself to join video/audio

Comment 12 Alexis Ballier gentoo-dev

2009-02-27 13:18:11 UTC

(In reply to comment #4)
> I don't have a testcase, though this is totally reproducable here. Here's a
> probably better bittrace.

please try to extract a command line that would trigger the crash with gpac tools or explain how to trigger the crash with ogmrip otherwise it's totally impossible to debug.

Comment 13 Andy Pettinger 2009-03-07 19:31:03 UTC

Buffer overflow in my case appears to be caused by a nerolinux created mp4 audio, renamed as aac format. Although it worked ok with previous versions of MP4Box.
Problem solved by extracting the mp4 with mp4creator and then changing extracted file to aac.

Comment 14 Paul Hartman 2009-03-19 16:24:38 UTC

create file /etc/portage/env/media-video/gpac and put in it these lines:

CFLAGS="-O1 -D_FORTIFY_SOURCE=0"
CXXFLAGS="-O1 -D_FORTIFY_SOURCE=0"

this fixes mp4box for me.

Comment 15 Paul Hartman 2009-03-19 16:26:06 UTC

(In reply to comment #14)
> create file /etc/portage/env/media-video/gpac and put in it these lines:
> 
> CFLAGS="-O1 -D_FORTIFY_SOURCE=0"
> CXXFLAGS="-O1 -D_FORTIFY_SOURCE=0"
> 
> this fixes mp4box for me.
> 

I forgot "emerge gpac again" step :)

Comment 16 Daniel Gryniewicz (RETIRED) gentoo-dev

2009-07-31 01:22:30 UTC

Created attachment 199691 [details, diff]
memset with the correct size

Turns out to be fairly easy to fix, with a reproducible test case.  Verified with ogmrip.

Comment 17 Daniel Gryniewicz (RETIRED) gentoo-dev

2009-08-01 14:09:36 UTC

I'm chasing another buffer overflow in MP4Box, not as easy as the other one.

Comment 18 Daniel Gryniewicz (RETIRED) gentoo-dev

2009-08-24 14:28:57 UTC

Sorry, I was wrong.  I wasn't running the code I thought I was.  Just the fix above is sufficient for me.

Comment 19 Andy Pettinger 2009-10-11 12:09:14 UTC

Will this overflow patch be add to the package on the mail portage tree ?
My ebuild skills are not good enough at the moment to use in my overlay.

Comment 20 Andy Pettinger 2009-11-15 12:47:12 UTC

Ebuild skills improved sufficiently to add patch to gpac in overlay.
Can confirm solves buffer overflow problem with nerolinux mp4/aac, without need to extract/rename with mp4creator etc.

Comment 21 mailrupile 2009-12-19 00:42:33 UTC

Also can confirm solves buffer overflow problem with nerolinux mp4/aac, without need to extract/rename with mp4creator etc.

It's just 1 line patch which changing 1 word. 6 months had passed, it is not in portage tree X)

Comment 22 Samuli Suominen (RETIRED) gentoo-dev

2009-12-19 11:16:20 UTC

(In reply to comment #21)
> Also can confirm solves buffer overflow problem with nerolinux mp4/aac, without
> need to extract/rename with mp4creator etc.

Thanks.

+*gpac-0.4.5-r1 (19 Dec 2009)
+
+  19 Dec 2009; Samuli Suominen <ssuominen@gentoo.org> +gpac-0.4.5-r1.ebuild:
+  Fix memset to correct size wrt #259389 by Daniel Gryniewicz to avoid
+  segfault with MP4Box when Nero AAC/MP4 format is used.


> It's just 1 line patch which changing 1 word. 6 months had passed, it is not > in portage tree X)

If you want things to move faster, you just have to become a developer yourself.