Tag Archives: libEBML

MKVToolNix v8.5.1 released

I’ve released MKVToolNix v8.5.1 only four days after 8.5.0. The reason is that Cisco’s Talos Research Group has found several cases of invalid memory access and instances of freeing memory twice in libEBML (TALOS-CAN-0036, TALOS-CAN-0037). The consequences range from heap information disclosure to denial of service.

Those issues have been fixed along with some more cases of invalid memory access discovered while investigating the TALOS-CAN reports. New releases of libEBML (v1.3.3) and libMatroska (v1.4.4) were made yesterday. Today’s release of MKVToolNix incorporates both updated libraries, and its build system requires at least those versions if you want to use globally-installed copies.

As MKVToolNix and therefore both libEBML and libMatroska are often used to process content from arbitrary sources I highly recommend everyone to upgrade.

You can download the source code or one of the binaries.

Here’s the full ChangeLog since the previous release:

  • 2015-10-21 Moritz Bunkus <moritz@bunkus.org>
    • Released v8.5.1.
  • 2015-10-20 Moritz Bunkus <moritz@bunkus.org>
    • build system: libEBML v1.3.3 and libMatroska v1.4.4 are now required due to important fixes for invalid memory accesses in those two releases. The copies included in the MKVToolNix source code have been updated to those releases as well.
  • 2015-10-19 Moritz Bunkus <moritz@bunkus.org>
    • MKVToolNix GUI: bug fix: the "save file" dialogs did not have the currently entered file name pre-selected anymore. Fixes #1480.
    • MKVToolNix GUI: header editor enhancement: several track properties like name or language are shown as columns in the tree for easier distinction between tracks. They’re also shown on the overview page on the right when that track’s entry is selected in the tree. The text in the labels on this overview page can be selected with the mouse for copying & pasting elsewhere.
  • 2015-10-18 Moritz Bunkus <moritz@bunkus.org>
    • MKVToolNix GUI: bug fix: fixed a crash when loading corrupted job settings.
    • MKVToolNix GUI: header editor bug fix: the tree items weren’t re-translated when the GUI language was changed.
    • mkvmerge: bug fix: updating the track headers wasn’t working in some rare cases (corresponding error message "Re-rendering track headers: data_size != 0 not implemented yet").
  • 2015-10-17 Moritz Bunkus <moritz@bunkus.org>
    • MKVToolNix GUI: bug fix (Linux): the function "open folder" was inserting a superfluous leading slash in the directory name. This causes some file managers (in this particular case Dolphin on Linux) to interpret a directory name like "//home/mosu/…" as a share called "mosu" on a Samba/Windows server called "home" and to prepend the whole name with the "smb://" protocol. Fixes #1479.

Have fun.

libEBML v1.3.1 & libMatroska v1.4.2 released

I’ve released new versions of libEBML (v1.3.1) and libMatroska (v1.4.2). Download links for the impatient:

Important news about the changes below; so please continue to read:

Both are binary-compatible to their respective previous releases and did not have their .so version bumped.

In both libraries several instances of out-of-bounds memory accesses have been fixed. libEBML will also not catch exceptions thrown by an IOCallback instance anymore.

The build system of both libraries has been switched to use autoconf, automake and libtool. Now you can (or have to) use the normal three-point procedure of »configure && make && make install«. The upside is that this should make cross-compilation easier.

In addition both libraries now come with pkg-config files. These are called »libebml« and »libmatroska« respectively (all lower-case). libMatroska’s configure script already uses pkg-config for determining libEBML’s location. Here the usual environment variables used for pkg-config are used as well (most notably PKG_CONFIG_PATH).

The upcoming release of MKVToolNix will require both of these two new versions.

Here’s libEBML’s ChangeLog since the previous release (v1.3.0):

  • 2015-01-04 Moritz Bunkus <moritz@bunkus.org>
    • Released v1.3.1.
    • EbmlElement::Render(): doesn’t catch exceptions anymore. Instead exceptions generated from the IOCallback class (e.g. if a write failed) are propagated to the caller.
  • 2014-12-21 Moritz Bunkus <moritz@bunkus.org>
    • build system: switched the build system from hand-crafted Makefiles to an autoconf/automake-based system. A pkg-config file will be installed as well; its name is »libebml«. Patch by Jan Engelhardt <jengelh@inai.de>.
  • 2014-12-20 Moritz Bunkus <moritz@bunkus.org>
    • EbmlMaster::Read(): when reading with SCOPE_ALL_DATA only those elements that could successfully be read will be kept (e.g. defective block groups will be dropped).
  • 2014-12-19 Moritz Bunkus <moritz@bunkus.org>
    • EbmlMemoryStream: add a new class for safe memory access that throws exception on failures.
  • 2014-12-18 Moritz Bunkus <moritz@bunkus.org>
    • EbmlMaster: Fixed read() trying to calculate the end position of elements with an unknown size. This avoids endless loops and assertions in certain cases. See https://trac.bunkus.org/ticket/1089

Here’s libMatroska’s ChangeLog since the previous release (v1.3.0):

  • 2015-01-04 Moritz Bunkus <moritz@bunkus.org>
    • Released v1.4.2.
  • 2014-12-21 Moritz Bunkus <moritz@bunkus.org>
    • build system: switched the build system from hand-crafted Makefiles to an autoconf/automake-based system. A pkg-config file will be installed as well; its name is »libmatroska«. Based on a similar patch for libEBML by Jan Engelhardt <jengelh@inai.de>.
  • 2014-12-20 Moritz Bunkus <moritz@bunkus.org>
    • KaxBlock::ReadData(): fixed several instances of unchecked memory access leading to invalid memory access/segmentation faults with invalid or broken data inside block groups/simple blocks.
  • 2014-12-19 Moritz Bunkus <moritz@bunkus.org>
    • KaxBlock::ReadInternalHead(): fixed a off-by-one buffer overflow if with EBML lacing and exactly one frame in the lace.

Have fun.