Kirill Belokurov
2007-09-25 15:25:06 UTC
Hi!
Under certain conditions, the array "dvdcss->css.p_disc_key" may remain
uninitialized till the line (libdvdcss.c:492)
sprintf( &psz_key[1+i*2], "%.2x", dvdcss->css.p_disc_key[i] );
which will cause the "CSS keys cache folder" name to be generated using raw
memory contents. This will lead to a bug when libdvdcss will not see the
folder with previously cached keys and on each DVD open attempt will retry
the brute-force keys retrieval.
The attached patch (against SVN trunk) fixes that for two different cases
libdvdcss.c: for the case when DVD is encrypted but no ioctl is available
(which is usual for encrypted DVDs copied via dd /dev/cdrom /path/to/file )
css.c: for the case when key decryption fails, the fallback is done, but disk
key is not zeroed
Regards, Kirill
Under certain conditions, the array "dvdcss->css.p_disc_key" may remain
uninitialized till the line (libdvdcss.c:492)
sprintf( &psz_key[1+i*2], "%.2x", dvdcss->css.p_disc_key[i] );
which will cause the "CSS keys cache folder" name to be generated using raw
memory contents. This will lead to a bug when libdvdcss will not see the
folder with previously cached keys and on each DVD open attempt will retry
the brute-force keys retrieval.
The attached patch (against SVN trunk) fixes that for two different cases
libdvdcss.c: for the case when DVD is encrypted but no ioctl is available
(which is usual for encrypted DVDs copied via dd /dev/cdrom /path/to/file )
css.c: for the case when key decryption fails, the fallback is done, but disk
key is not zeroed
Regards, Kirill