projects / platform / upstream / gst-plugins-ugly.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: d5c390b)
apply cve patch for security weakness 45/133245/1 accepted/tizen_3.0_ivi accepted/tizen/3.0/common/20170616.065210 accepted/tizen/3.0/ivi/20170615.081119 accepted/tizen/3.0/mobile/20170615.081057 accepted/tizen/3.0/tv/20170615.081104 accepted/tizen/3.0/wearable/20170615.081112 submit/tizen_3.0/20170615.031011
authorSejun Park <sejun79.park@samsung.com>
Thu, 1 Jun 2017 06:09:02 +0000 (15:09 +0900)
committerSejun Park <sejun79.park@samsung.com>
Fri, 9 Jun 2017 09:48:17 +0000 (18:48 +0900)
Change-Id: I9725fb3300eaee3b047e236297db57517de02031

gst/asfdemux/gstasfdemux.c patch | blob | history

diff --git a/gst/asfdemux/gstasfdemux.c b/gst/asfdemux/gstasfdemux.c
index 4bf0619b8f2d515cc7ccc8fd662ba3b6e17358d7..2db00d21343db534165b60776e174abba0ed3dd3 100644 (file)
--- a/gst/asfdemux/gstasfdemux.c
+++ b/gst/asfdemux/gstasfdemux.c
@@ -3203,7 +3203,12 @@ gst_asf_demux_process_ext_content_desc (GstASFDemux * demux, guint8 * data,
           break;
         }
         case ASF_DEMUX_DATA_TYPE_DWORD:{
-          guint uint_val = GST_READ_UINT32_LE (value);
+          guint uint_val;
+
+          if (value_len < 4)
+            break;
+
+          uint_val = GST_READ_UINT32_LE (value);
 
           /* this is the track number */
           g_value_init (&tag_value, G_TYPE_UINT);
@@ -3217,7 +3222,12 @@ gst_asf_demux_process_ext_content_desc (GstASFDemux * demux, guint8 * data,
         }
           /* Detect 3D */
         case ASF_DEMUX_DATA_TYPE_BOOL:{
-          gboolean bool_val = GST_READ_UINT32_LE (value);
+          gboolean bool_val;
+
+          if (value_len < 4)
+            break;
+
+          bool_val = GST_READ_UINT32_LE (value);
 
           if (strncmp ("Stereoscopic", name_utf8, strlen (name_utf8)) == 0) {
             if (bool_val) {
Domain: Multimedia / Media Common;