Check the right variable when checking if there's
enough data left to read the frame size. (CVE-2021-3522)
Closes https://gitlab.freedesktop.org/gstreamer/gst-plugins-base/-/issues/876
Part-of: <https://gitlab.freedesktop.org/gstreamer/gst-plugins-base/-/merge_requests/1065>
Change-Id: I4d054060dcac65b49832d629337a06d038f32386
if (work->frame_flags & (ID3V2_FRAME_FORMAT_COMPRESSION |
ID3V2_FRAME_FORMAT_DATA_LENGTH_INDICATOR)) {
- if (work->hdr.frame_data_size <= 4)
+ if (frame_data_size <= 4)
return FALSE;
if (ID3V2_VER_MAJOR (work->hdr.version) == 3) {
work->parse_size = GST_READ_UINT32_BE (frame_data);
Name: gst-plugins-base
Version: 1.16.2
-Release: 19
+Release: 20
License: LGPL-2.0+
Summary: GStreamer Streaming-Media Framework Plug-Ins
Url: http://gstreamer.freedesktop.org/