mirrors/gstreamer
mirrors/gstreamer
1
1
Fork 0
mirror of https://gitlab.freedesktop.org/gstreamer/gstreamer.git synced 2024-12-18 14:26:43 +00:00
Code Issues 1 Projects Releases Wiki Activity

qtdemux: Check for invalid atom length when extracting Closed Caption data

Browse source 
Thanks to Antonio Morales for finding and reporting the issue.

Fixes GHSL-2024-243
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3849

Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8059>
This commit is contained in:
Sebastian Dröge 2024-09-26 19:16:19 +03:00 committed by GStreamer Marge Bot
parent 7d3f221d87
commit bfebca8307
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
subprojects/gst-plugins-good/gst/isomp4/qtdemux.c
View file

@ -6193,7 +6193,7 @@ extract_cc_from_data (QtDemuxStream * stream, const guint8 * data, gsize size,
goto invalid_cdat;
atom_length = QT_UINT32 (data);
fourcc = QT_FOURCC (data + 4);
if (G_UNLIKELY (atom_length > size || atom_length == 8))
if (G_UNLIKELY (atom_length > size || atom_length <= 8))
goto invalid_cdat;
GST_DEBUG_OBJECT (stream->pad, "here");