From: Edward Hervey <edward@centricular.com>
Date: Sat, 17 Mar 2018 05:33:38 +0000 (+0100)
Subject: oggstream: protect against out-of-bounds read
X-Git-Tag: 1.16.2~754
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=17d5f0831660ebc9ea12fc836a2af77f540753d2;p=platform%2Fupstream%2Fgst-plugins-base.git

oggstream: protect against out-of-bounds read

We need at least 17 bytes of data for a valid flac header

oss-fuzz #6974
---

diff --git a/ext/ogg/gstoggstream.c b/ext/ogg/gstoggstream.c
index 91f65ee..25b880f 100644
--- a/ext/ogg/gstoggstream.c
+++ b/ext/ogg/gstoggstream.c
@@ -1050,6 +1050,9 @@ static gboolean
 is_header_fLaC (GstOggStream * pad, ogg_packet * packet)
 {
   if (pad->n_header_packets_seen == 1) {
+    if (packet->bytes < 17)
+      return FALSE;
+
     pad->granulerate_n = (packet->packet[14] << 12) |
         (packet->packet[15] << 4) | ((packet->packet[16] >> 4) & 0xf);
   }