Zeroy0410

**Name of the Vulnerable Software and Affected Versions** rust-ffmpeg versions 0.3.0 and later (after commit 5ac0527) **Description** A null pointer dereference issue exists in the `dump()` function of rust-ffmpeg. The function does not validate the return value of `avfilter graph dump()` for NULL, which can lead to a denial of service if memory allocation fails. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** rust-ffmpeg version 0.3.0 (after commit 5ac0527) **Description** A null pointer dereference issue exists in the `name()` method of rust-ffmpeg. This flaw occurs because the method does not validate the return value of the `av get sample fmt name()` C function before attempting to use it, potentially leading to a denial of service when an unrecognized sample format is provided. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** rust-ffmpeg version 0.3.0 **Description** A null pointer dereference issue exists in the `input()` constructor function. This can lead to a denial of service when the `avio alloc context()` call fails and returns NULL, which is subsequently dereferenced by the `Io` struct's Drop implementation. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** rust-ffmpeg versions 0.3.0 and later **Description** An integer overflow and invalid input issue exists in the `cached` method, potentially leading to a denial of service or arbitrary code execution. The issue occurs when dimension parameters are zero or exceed i32::MAX, resulting in an unchecked cast that violates preconditions of the underlying C function and triggers undefined behavior. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** rust-ffmpeg version 0.3.0 (after commit 5ac0527) **Description** An integer overflow vulnerability exists in the `Vector::new` constructor function. This can lead to a denial of service through a null pointer dereference. The issue arises from an unchecked cast of a `usize` parameter to `c int`, potentially resulting in a negative value being passed to the `sws allocVec()` function. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** rust-ffmpeg versions 0.3.0 and later (after commit 5ac0527) **Description** A use-after-free issue exists in the `write interleaved` method. This can lead to a denial of service or memory corruption. The method violates Rust's aliasing rules by modifying a data structure through a mutable pointer while holding an immutable reference, resulting in undefined behavior when the data is accessed. **Recommendations** Update to a newer version of rust-ffmpeg that contains a fix for this issue.