mirror of
https://gitlab.freedesktop.org/gstreamer/gstreamer.git
synced 2024-12-24 01:00:37 +00:00
wavparse: Fix clipping of size to the file size
The size does not include the 8 bytes tag and length, so an additional 8 bytes must be removed here. 8 bytes are always available at this point because otherwise the parsing of the tag and length right above would've failed. Thanks to Antonio Morales for finding and reporting the issue. Fixes GHSL-2024-260 Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3888 Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8042>
This commit is contained in:
parent
93d79c22a8
commit
526d0eef0d
1 changed files with 3 additions and 2 deletions
|
@ -1338,10 +1338,11 @@ gst_wavparse_stream_headers (GstWavParse * wav)
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Clip to upstream size if known */
|
/* Clip to upstream size if known */
|
||||||
if (upstream_size > 0 && size + wav->offset > upstream_size) {
|
if (upstream_size > 0 && size + 8 + wav->offset > upstream_size) {
|
||||||
GST_WARNING_OBJECT (wav, "Clipping chunk size to file size");
|
GST_WARNING_OBJECT (wav, "Clipping chunk size to file size");
|
||||||
g_assert (upstream_size >= wav->offset);
|
g_assert (upstream_size >= wav->offset);
|
||||||
size = upstream_size - wav->offset;
|
g_assert (upstream_size - wav->offset >= 8);
|
||||||
|
size = upstream_size - wav->offset - 8;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* wav is a st00pid format, we don't know for sure where data starts.
|
/* wav is a st00pid format, we don't know for sure where data starts.
|
||||||
|
|
Loading…
Reference in a new issue