projects / platform / upstream / gstreamer.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 7bea2b3)
Add buffer length checks to every typefinding function
authorDavid Schleef <ds@schleef.org>
Thu, 24 Jul 2003 08:49:42 +0000 (08:49 +0000)
committerDavid Schleef <ds@schleef.org>
Thu, 24 Jul 2003 08:49:42 +0000 (08:49 +0000)
Original commit message from CVS:
Add buffer length checks to every typefinding function

ext/dv/gstdvdec.c patch | blob | history
ext/flac/gstflac.c patch | blob | history
gst/auparse/gstauparse.c patch | blob | history
gst/avi/gstavidemux.c patch | blob | history

diff --git a/ext/dv/gstdvdec.c b/ext/dv/gstdvdec.c
index d7500cc..e28f836 100644 (file)
--- a/ext/dv/gstdvdec.c
+++ b/ext/dv/gstdvdec.c
@@ -161,9 +161,14 @@ GST_PAD_TEMPLATE_FACTORY ( audio_src_temp,
 static GstCaps*
 dv_type_find (GstBuffer *buf, gpointer private)
 {
-  guint32 head = GUINT32_FROM_BE(*((guint32 *)GST_BUFFER_DATA(buf)));
+  guint32 head;
   GstCaps *new = NULL;
 
+  if (GST_BUFFER_SIZE (buf) < 5)
+    return NULL;
+
+  head = GUINT32_FROM_BE(*((guint32 *)GST_BUFFER_DATA(buf)));
+
   /* check for DIF  and DV flag */
   if ((head & 0xffffff00) == 0x1f070000 && !(GST_BUFFER_DATA(buf)[4] & 0x01)) {
     gchar *format;
diff --git a/ext/flac/gstflac.c b/ext/flac/gstflac.c
index af10d79..b8dd73e 100644 (file)
--- a/ext/flac/gstflac.c
+++ b/ext/flac/gstflac.c
@@ -71,8 +71,12 @@ static GstTypeDefinition flacdefinition = {
 static GstCaps* 
 flac_type_find (GstBuffer *buf, gpointer private) 
 {
-  guint32 head = GUINT32_FROM_BE (*((guint32 *)GST_BUFFER_DATA (buf)));
+  guint32 head;
+  
+  if (GST_BUFFER_SIZE (buf) < 4)
+    return NULL;
 
+  head = GUINT32_FROM_BE (*((guint32 *)GST_BUFFER_DATA (buf)));
   if (head  != 0x664C6143)
     return NULL;
 
diff --git a/gst/auparse/gstauparse.c b/gst/auparse/gstauparse.c
index 82f802f..9942fd7 100644 (file)
--- a/gst/auparse/gstauparse.c
+++ b/gst/auparse/gstauparse.c
@@ -47,6 +47,9 @@ au_type_find (GstBuffer *buf, gpointer private)
   GstCaps *new = NULL;
   gulong *head = (gulong *) GST_BUFFER_DATA (buf);
 
+  if (GST_BUFFER_SIZE (buf) < 4)
+    return NULL;
+
   if (*head == 0x2e736e64 || *head == 0x646e732e)
     new = gst_caps_new ("au_type_find", "audio/au", NULL);
 
diff --git a/gst/avi/gstavidemux.c b/gst/avi/gstavidemux.c
index 8beea33..bb2abe5 100644 (file)
--- a/gst/avi/gstavidemux.c
+++ b/gst/avi/gstavidemux.c
@@ -181,6 +181,9 @@ avi_type_find (GstBuffer *buf,
 
   GST_DEBUG ("avi_demux: typefind");
 
+  if (GST_BUFFER_SIZE (buf) < 12)
+    return NULL;
+
   if (GUINT32_FROM_LE (((guint32 *)data)[0]) != GST_RIFF_TAG_RIFF)
     return NULL;
   if (GUINT32_FROM_LE (((guint32 *)data)[2]) != GST_RIFF_RIFF_AVI)
Domain: Multimedia / Media Common;