Media (Intel® oneAPI Video Processing Library, Intel Media SDK)
Access community support with transcoding, decoding, and encoding in applications using media tools from Intel. This includes Intel® oneAPI Video Processing Library and Intel® Media SDK.

found and fixed buffer bugs in new Media SDK 2021r1

diablodale
Novice
748 Views

Hello. The Media SDK 2021r1 SDK released this week has a few buffer under/overrun bugs in it. These bugs are also present in 2020r1.

Patch attached.

Such buffer bugs are often used for security violations. The bugs are all in one file `mfx_driver_store_loader.cpp` which is part of the dispatcher.

* Objbase.h needs to be included to access the api StringFromGUID2()

* last param on StringFromGUID2() is characters *not* bytes. Therefore it needs to be bufferbytes/sizeofbufferentity. This is done correctly in other files of the SDK.

*  RegQueryValueExW() does not guarantee null termination. See official Microsoft api docs. Therefore, it is unsafe to call wcslen(). The fix I used is to call RegGetValueW() instead. An alternative would be to use your SDK's custom WinRegKey class.

* it is unsafe to call wcscat_s() with a hardcoded char size because the size of that path is determined instead by the current function's parameters. Therefore, argument to wcscat_s() needs to be calculated using those parameters.

I've fixed the bugs locally so no rush for me. Instead for all your other customers.

Cheers

--Dale Phurrough

Labels (1)
0 Kudos
4 Replies
Gopika_Intel
Moderator
719 Views

Hi,

Thank you for reporting and sharing your observations. We have informed the concerned team about this.

Regards

Gopika


Mark_L_Intel1
Moderator
608 Views

Hi Dale,


Thanks so much for the patch to fix our issue, I am really apologized for the late response, somehow this was ignored unintentionally.


I have submitted the patch to dev team and I will keep you updated.


Mark


AthiraM_Intel
Moderator
218 Views

Hi,


The issue is resolved. If you need any additional information, please post a new question as this thread will no longer be monitored by Intel.



Thanks


diablodale
Novice
213 Views

And where is the fix/resolution? From where can it be downloaded?

Reply