projects / platform / upstream / gstreamer.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: fddda16) | patch
mxfdemux: Fix integer overflow causing out of bounds writes when handling invalid...
authorSebastian Dröge <sebastian@centricular.com>
Thu, 10 Aug 2023 12:45:01 +0000 (15:45 +0300)
committerTim-Philipp Müller <tim@centricular.com>
Wed, 20 Sep 2023 14:14:27 +0000 (15:14 +0100)
commitf73fc41f2ca6a0cd4e883aee64bf8e1c15ff68ce
tree1787327962931176916895d4589ae11c5d017ca2tree | snapshot
parentfddda166222a067d0e511950a0a8cfb9f5a521b7commit | diff
mxfdemux: Fix integer overflow causing out of bounds writes when handling invalid uncompressed video

Check ahead of time when parsing the track information whether
width, height and bpp are valid and usable without overflows.

Fixes ZDI-CAN-21660, CVE-2023-40474

Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/2896

Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/5365>
subprojects/gst-plugins-bad/gst/mxf/mxfup.c diff | blob | history
Domain: Multimedia / Media Common;