Rockbox Technical Forums

Rockbox General => Rockbox General Discussion => Topic started by: riksweeney on November 20, 2007, 03:15:01 AM

Title: FLAC vulnerabilities
Post by: riksweeney on November 20, 2007, 03:15:01 AM
Slashdot (http://it.slashdot.org/article.pl?sid=07/11/20/0137240) is reporting that multiple FLAC vulnerabilities are affecting players using libavcodec, even hardware players. Hopefully this will get sorted out before someone hacks Rockbox and uses it to steal everyone's credit card information and murder their dogs.

;)
Title: Re: FLAC vulnerabilities
Post by: Bagder on November 20, 2007, 03:33:23 AM
Actually, the report (http://research.eeye.com/html/advisories/published/AD20071115.html) talks about libFLAC and it also mentions in what versions that these problems are already fixed.

However, Rockbox doesn't use libFLAC. The FLAC decoder in Rockbox is from ffmpeg, and the flac and ogg comment parsing code are our own.