mirrors/gstreamer
mirrors/gstreamer
1
1
Fork 0
mirror of https://gitlab.freedesktop.org/gstreamer/gstreamer.git synced 2024-12-23 16:50:47 +00:00
Code Issues 1 Projects Releases Wiki Activity

bufferlist: fix abort due to underflow when creating 0-sized list

Browse source 
gst_buffer_list_new_sized(0) will cause an underflow in a calculation
which then makes it try to allocate huge amounts of memory, which
may lead to aborts.

https://bugzilla.gnome.org/show_bug.cgi?id=795758
This commit is contained in:
Tim-Philipp Müller 2018-05-05 16:16:45 +02:00
parent d06895ce5d
commit a5ecb465a9
2 changed files with 13 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
gst/gstbufferlist.c
View file

@ -149,6 +149,9 @@ gst_buffer_list_new_sized (guint size)
gsize slice_size;
guint n_allocated;
if (size == 0)
size = 1;
n_allocated = GST_ROUND_UP_16 (size);
slice_size = sizeof (GstBufferList) + (n_allocated - 1) * sizeof (gpointer);

10
tests/check/gst/gstbufferlist.c
View file

@ -474,6 +474,15 @@ GST_START_TEST (test_calc_size)
GST_END_TEST;
GST_START_TEST (test_new_sized_0)
{
GstBufferList *b = gst_buffer_list_new_sized (0);
gst_buffer_list_unref (b);
}
GST_END_TEST;
static Suite *
gst_buffer_list_suite (void)
{
@ -491,6 +500,7 @@ gst_buffer_list_suite (void)
tcase_add_test (tc_chain, test_expand_and_remove);
tcase_add_test (tc_chain, test_get_writable);
tcase_add_test (tc_chain, test_calc_size);
tcase_add_test (tc_chain, test_new_sized_0);
return s;
}