projects / platform / upstream / gstreamer.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: bf95f93)
wavparse: clip chunk length to available data (when known)
authorVincent Penquerc'h <vincent.penquerch@collabora.co.uk>
Fri, 20 Mar 2015 09:07:35 +0000 (09:07 +0000)
committerVincent Penquerc'h <vincent.penquerch@collabora.co.uk>
Tue, 7 Apr 2015 11:12:44 +0000 (12:12 +0100)
This prevents silly chunk lengths from possibly overflowing
(at least when we know the actual data length).

https://bugzilla.gnome.org/show_bug.cgi?id=722567

gst/wavparse/gstwavparse.c patch | blob | history

diff --git a/gst/wavparse/gstwavparse.c b/gst/wavparse/gstwavparse.c
index 0aa24c2..35562a8 100644 (file)
--- a/gst/wavparse/gstwavparse.c
+++ b/gst/wavparse/gstwavparse.c
@@ -1261,8 +1261,14 @@ gst_wavparse_stream_headers (GstWavParse * wav)
     }
 
     GST_INFO_OBJECT (wav,
-        "Got TAG: %" GST_FOURCC_FORMAT ", offset %" G_GUINT64_FORMAT,
-        GST_FOURCC_ARGS (tag), wav->offset);
+        "Got TAG: %" GST_FOURCC_FORMAT ", offset %" G_GUINT64_FORMAT ", size %"
+        G_GUINT32_FORMAT, GST_FOURCC_ARGS (tag), wav->offset, size);
+
+    /* Clip to upstream size if known */
+    if (wav->datasize > 0 && size + wav->offset > wav->datasize) {
+      GST_WARNING_OBJECT (wav, "Clipping chunk size to file size");
+      size = wav->datasize - wav->offset;
+    }
 
     /* wav is a st00pid format, we don't know for sure where data starts.
      * So we have to go bit by bit until we find the 'data' header
Domain: Multimedia / Media Common;