projects / platform / upstream / gstreamer.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 8f04506)
wavparse: Check that at least 32 bytes are available before parsing smpl chunks
authorSebastian Dröge <sebastian@centricular.com>
Fri, 4 Oct 2024 10:22:02 +0000 (13:22 +0300)
committerGStreamer Marge Bot <gitlab-merge-bot@gstreamer-foundation.org>
Tue, 3 Dec 2024 13:51:00 +0000 (13:51 +0000)
Thanks to Antonio Morales for finding and reporting the issue.

Fixes GHSL-2024-259
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3887

Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8054>

subprojects/gst-plugins-good/gst/wavparse/gstwavparse.c patch | blob | history

diff --git a/subprojects/gst-plugins-good/gst/wavparse/gstwavparse.c b/subprojects/gst-plugins-good/gst/wavparse/gstwavparse.c
index c36920501e122fe21cdbaf1a6c3a2a7e162b6be7..e42bb24b9bc7d29a72e162dbf580c4de46bca530 100644 (file)
--- a/subprojects/gst-plugins-good/gst/wavparse/gstwavparse.c
+++ b/subprojects/gst-plugins-good/gst/wavparse/gstwavparse.c
@@ -893,6 +893,9 @@ gst_wavparse_smpl_chunk (GstWavParse * wav, const guint8 * data, guint32 size)
 {
   guint32 note_number;
 
+  if (size < 32)
+    return FALSE;
+
   /*
      manufacturer_id = GST_READ_UINT32_LE (data);
      product_id = GST_READ_UINT32_LE (data + 4);
Domain: Multimedia / Media Common;