Media (Intel® Video Processing Library, Intel Media SDK)
Access community support with transcoding, decoding, and encoding in applications using media tools like Intel® oneAPI Video Processing Library and Intel® Media SDK
Announcements
The Intel Media SDK project is no longer active. For continued support and access to new features, Intel Media SDK users are encouraged to read the transition guide on upgrading from Intel® Media SDK to Intel® Video Processing Library (VPL), and to move to VPL as soon as possible.
For more information, see the VPL website.
3082 Discussions

found and fixed buffer bugs in new Media SDK 2021r1

diablodale
Novice
‎05-26-2021 10:01 AM
2,120 Views

Hello. The Media SDK 2021r1 SDK released this week has a few buffer under/overrun bugs in it. These bugs are also present in 2020r1.

Patch attached.

Such buffer bugs are often used for security violations. The bugs are all in one file `mfx_driver_store_loader.cpp` which is part of the dispatcher.

* Objbase.h needs to be included to access the api StringFromGUID2()

* last param on StringFromGUID2() is characters *not* bytes. Therefore it needs to be bufferbytes/sizeofbufferentity. This is done correctly in other files of the SDK.

*  RegQueryValueExW() does not guarantee null termination. See official Microsoft api docs. Therefore, it is unsafe to call wcslen(). The fix I used is to call RegGetValueW() instead. An alternative would be to use your SDK's custom WinRegKey class.

* it is unsafe to call wcscat_s() with a hardcoded char size because the size of that path is determined instead by the current function's parameters. Therefore, argument to wcscat_s() needs to be calculated using those parameters.

I've fixed the bugs locally so no rush for me. Instead for all your other customers.

Cheers

--Dale Phurrough

Labels (1)
Labels:
buffer_fixes_patch.zip
(Virus scan in progress ...)
0 Kudos

Link Copied

4 Replies
Gopika_Intel
Moderator
‎05-27-2021 02:49 AM
2,091 Views

Hi,

Thank you for reporting and sharing your observations. We have informed the concerned team about this.

Regards

Gopika


Copy link
Mark_L_Intel1
Moderator
‎07-29-2021 02:18 PM
1,980 Views

Hi Dale,


Thanks so much for the patch to fix our issue, I am really apologized for the late response, somehow this was ignored unintentionally.


I have submitted the patch to dev team and I will keep you updated.


Mark


Copy link
AthiraM_Intel
Moderator
‎03-04-2022 12:49 AM
1,590 Views

Hi,


The issue is resolved. If you need any additional information, please post a new question as this thread will no longer be monitored by Intel.



Thanks


0 Kudos
Copy link
diablodale
Novice
‎03-04-2022 01:15 AM
1,585 Views

And where is the fix/resolution? From where can it be downloaded?

0 Kudos
Copy link
Reply

Community support is provided Monday to Friday. Other contact methods are available here.

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

For more complete information about compiler optimizations, see our Optimization Notice.