Security context

What an agent needs to avoid regressing past fixes and find the next vuln in this repo.

ittiam-systems/libavc
main @ a7bf2e9
51
Fixes
0
CVEs
CRITICAL
Peak severity
Highlights
Integer Overflow: 17 prior fixes. Scrutinize any change in this area.
decoder: most-fixed (17 issues). Treat as high-risk during review.
46 high-severity fixes in this history; regressions here are high-impact.
Recurring patterns

The bug types that recur here, drawn from past fixes, not open vulnerabilities.

Integer Overflow: Truncation or wrapping during picture order count (POC), display sequence, and slice header calculation allows attackers to trigger heap out-of-bounds writes via invalid frame or macroblock parameters. Upcasting to 64-bit types and explicit range checking are key defenses.
Heap Buffer Overflow: SEI payload parsing is prone to out-of-bounds reads and writes because stream readers retrieve payload structures without verifying remaining bits in the bitstream buffer. Introducing strict boundary checks prior to reading bit payloads was required to secure this surface.
Heap Buffer Overflow: During emulation prevention byte (EPB) insertion, bitstream writers can write past the allocated bitstream buffer without inline boundary verification. This risk is addressed by implementing robust index checks during buffer writes.