projects / platform / upstream / gst-plugins-ugly.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 8f05e8f)
asfdemux: Add sanity check for asf_stream_audio
authorEdward Hervey <edward@centricular.com>
Fri, 25 Nov 2016 09:07:35 +0000 (10:07 +0100)
committerEdward Hervey <bilboed@bilboed.com>
Fri, 25 Nov 2016 09:08:31 +0000 (10:08 +0100)
We should have enough bytes for the specified codec_data

https://bugzilla.gnome.org/show_bug.cgi?id=775070

gst/asfdemux/gstasfdemux.c patch | blob | history

diff --git a/gst/asfdemux/gstasfdemux.c b/gst/asfdemux/gstasfdemux.c
index 8d9dfef..e1d6273 100644 (file)
--- a/gst/asfdemux/gstasfdemux.c
+++ b/gst/asfdemux/gstasfdemux.c
@@ -2507,6 +2507,11 @@ gst_asf_demux_get_stream_audio (asf_stream_audio * audio, guint8 ** p_data,
   audio->word_size = gst_asf_demux_get_uint16 (p_data, p_size);
   /* Codec specific data size */
   audio->size = gst_asf_demux_get_uint16 (p_data, p_size);
+  if (audio->size > *p_size) {
+    GST_WARNING ("Corrupted audio codec_data (should be at least %u bytes, is %"
+        G_GUINT64_FORMAT " long)", audio->size, *p_size);
+    return FALSE;
+  }
   return TRUE;
 }
 
Domain: Multimedia / Media Common;