From e9e0d0f0ebd4eb6f30b08f347e387ec0d878c246 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Sebastian=20Dr=C3=B6ge?= Date: Tue, 6 May 2008 08:43:57 +0000 Subject: [PATCH] Don't allow negative sizes when allocating new buffers. Original commit message from CVS: * gst/gstpad.c: (gst_pad_alloc_buffer_full): * libs/gst/base/gstbasetransform.c: (gst_base_transform_prepare_output_buffer): Don't allow negative sizes when allocating new buffers. Fixes bug #461253. --- ChangeLog | 8 ++++++++ common | 2 +- gst/gstpad.c | 6 ++++++ libs/gst/base/gstbasetransform.c | 4 ++++ 4 files changed, 19 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index c17bdfdda3..e053e2e4e2 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,11 @@ +2008-05-06 Sebastian Dröge + + * gst/gstpad.c: (gst_pad_alloc_buffer_full): + * libs/gst/base/gstbasetransform.c: + (gst_base_transform_prepare_output_buffer): + Don't allow negative sizes when allocating new buffers. + Fixes bug #461253. + 2008-05-05 Tim-Philipp Müller Patch by: Sjoerd Simons diff --git a/common b/common index f6fc3fa764..9b28214399 160000 --- a/common +++ b/common @@ -1 +1 @@ -Subproject commit f6fc3fa7643c03eb912f4e259d48c99b0e8d0aca +Subproject commit 9b28214399156457fd6b43d0604a47e4bdf19c28 diff --git a/gst/gstpad.c b/gst/gstpad.c index c423252c3c..4a1fa5bcde 100644 --- a/gst/gstpad.c +++ b/gst/gstpad.c @@ -2711,6 +2711,7 @@ fallback: } } +/* FIXME 0.11: size should be unsigned */ static GstFlowReturn gst_pad_alloc_buffer_full (GstPad * pad, guint64 offset, gint size, GstCaps * caps, GstBuffer ** buf, gboolean setcaps) @@ -2722,6 +2723,7 @@ gst_pad_alloc_buffer_full (GstPad * pad, guint64 offset, gint size, g_return_val_if_fail (GST_IS_PAD (pad), GST_FLOW_ERROR); g_return_val_if_fail (GST_PAD_IS_SRC (pad), GST_FLOW_ERROR); g_return_val_if_fail (buf != NULL, GST_FLOW_ERROR); + g_return_val_if_fail (size >= 0, GST_FLOW_ERROR); GST_DEBUG_OBJECT (pad, "offset %" G_GUINT64_FORMAT ", size %d", offset, size); @@ -2816,6 +2818,8 @@ not_negotiated: * * MT safe. */ + +/* FIXME 0.11: size should be unsigned */ GstFlowReturn gst_pad_alloc_buffer (GstPad * pad, guint64 offset, gint size, GstCaps * caps, GstBuffer ** buf) @@ -2843,6 +2847,8 @@ gst_pad_alloc_buffer (GstPad * pad, guint64 offset, gint size, GstCaps * caps, * * MT safe. */ + +/* FIXME 0.11: size should be unsigned */ GstFlowReturn gst_pad_alloc_buffer_and_set_caps (GstPad * pad, guint64 offset, gint size, GstCaps * caps, GstBuffer ** buf) diff --git a/libs/gst/base/gstbasetransform.c b/libs/gst/base/gstbasetransform.c index 5777b848c1..53e66309a0 100644 --- a/libs/gst/base/gstbasetransform.c +++ b/libs/gst/base/gstbasetransform.c @@ -884,6 +884,8 @@ failed_configure: * inbuf, the caller should be prepared for this and perform * appropriate refcounting. */ + +/* FIXME 0.11: out_size should be unsigned */ static GstFlowReturn gst_base_transform_prepare_output_buffer (GstBaseTransform * trans, GstBuffer * in_buf, gint out_size, GstCaps * out_caps, GstBuffer ** out_buf) @@ -892,6 +894,8 @@ gst_base_transform_prepare_output_buffer (GstBaseTransform * trans, GstFlowReturn ret = GST_FLOW_OK; gboolean copy_inbuf = FALSE; + g_return_val_if_fail (out_size >= 0, GST_FLOW_ERROR); + bclass = GST_BASE_TRANSFORM_GET_CLASS (trans); /* we cannot reconfigure the element yet as we are still processing -- 2.34.1