[Matroska-devel] libEBML v1.4.1 released

Moritz Bunkus mo at bunkus.online
Mon Jan 4 15:38:10 CET 2021


here's a new releases of libEBML, v1.4.1. It fixes an issue when
encountering certain types of invalid data; libEBML might return a pointer
to memory that has just been freed, leading to potential use-after-free

Here are the download link & ChangeLog entries:



2021-01-04  Moritz Bunkus  <mo at bunkus.online>

        * Release v1.4.1.

2021-01-02  Moritz Bunkus  <mo at bunkus.online>

        * Fixed a case EbmlMaster::Read where the element returned via
        UpperEltFound and FountElt points to a just-deleted element,
        causing callers to think the memory returned is valid, potentially
        leading to use-after-free/double-free errors. This can happen if
        the specific element's Read function throws an exception when
        encountering certain invalid data constellations.

Have fun :)


More information about the Matroska-devel mailing list