gst/id3demux/id3v2frames.c: Never trust ANY information encoded in a media file, especially when it's giving you size...

Original commit message from CVS:
* gst/id3demux/id3v2frames.c: (id3demux_id3v2_parse_frame):
Never trust ANY information encoded in a media file, especially
when it's giving you sizes. (Fixes #328452)
This commit is contained in:
Jan Schmidt 2006-01-25 18:23:05 +00:00
parent d653e45ce4
commit 73c1153f52
2 changed files with 17 additions and 0 deletions

View file

@ -1,3 +1,9 @@
2006-01-25 Jan Schmidt <thaytan@mad.scientist.com>
* gst/id3demux/id3v2frames.c: (id3demux_id3v2_parse_frame):
Never trust ANY information encoded in a media file, especially
when it's giving you sizes. (Fixes #328452)
2006-01-24 Edgard Lima <edgard.lima@indt.org.br> 2006-01-24 Edgard Lima <edgard.lima@indt.org.br>
* gst/rtp/gstrtpg711pay.c: * gst/rtp/gstrtpg711pay.c:

View file

@ -95,6 +95,11 @@ id3demux_id3v2_parse_frame (ID3TagsWorking * work)
work->parse_size = read_synch_uint (frame_data, 4); work->parse_size = read_synch_uint (frame_data, 4);
frame_data += 4; frame_data += 4;
frame_data_size -= 4; frame_data_size -= 4;
if (work->parse_size < frame_data_size) {
GST_WARNING ("ID3v2 frame %s has invalid size %d.", tag_name,
frame_data_size);
return FALSE;
}
} else } else
work->parse_size = frame_data_size; work->parse_size = frame_data_size;
@ -113,6 +118,12 @@ id3demux_id3v2_parse_frame (ID3TagsWorking * work)
g_free (work->parse_data); g_free (work->parse_data);
return FALSE; return FALSE;
} }
if (destSize != work->parse_size) {
GST_WARNING
("Decompressing ID3v2 frame %s did not produce expected size %d bytes (got %d)",
tag_name, work->parse_data, destSize);
return FALSE;
}
#else #else
GST_WARNING ("Compressed ID3v2 tag frame could not be decompressed" GST_WARNING ("Compressed ID3v2 tag frame could not be decompressed"
" because gstid3demux was compiled without zlib support"); " because gstid3demux was compiled without zlib support");