Sebastian Dröge
519d86d9f3
qtdemux: Add size check for parsing SMI / SEQH atom
...
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-244
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3853
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8059 >
2024-12-03 21:01:41 +00:00
Sebastian Dröge
bfebca8307
qtdemux: Check for invalid atom length when extracting Closed Caption data
...
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-243
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3849
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8059 >
2024-12-03 21:01:41 +00:00
Sebastian Dröge
7d3f221d87
qtdemux: Actually handle errors returns from various functions instead of ignoring them
...
Ignoring them might cause the element to continue as if all is fine despite the
internal state being inconsistent. This can lead to all kinds of follow-up
issues, including memory safety issues.
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-245
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3847
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8059 >
2024-12-03 21:01:41 +00:00
Sebastian Dröge
19359e2b25
qtdemux: Make sure there are enough offsets to read when parsing samples
...
While this specific case is also caught when initializing co_chunk, the error
is ignored in various places and calling into the function would lead to out of
bounds reads if the error message doesn't cause the pipeline to be shut down
fast enough.
To avoid this, no matter what, make sure enough offsets are available when
parsing them. While this is potentially slower, the same is already done in the
non-chunks_are_samples case.
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-245
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3847
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8059 >
2024-12-03 21:01:41 +00:00
Sebastian Dröge
4a0e8bf92b
qtdemux: Fix error handling when parsing cenc sample groups fails
...
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-238, GHSL-2024-239, GHSL-2024-240
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3846
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8059 >
2024-12-03 21:01:41 +00:00
Sebastian Dröge
98f3934c48
qtdemux: Fix length checks and offsets in stsd entry parsing
...
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-242
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3845
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8059 >
2024-12-03 21:01:41 +00:00
Sebastian Dröge
c1cd838706
qtdemux: Make sure enough data is available before reading wave header node
...
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-236
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3843
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8059 >
2024-12-03 21:01:41 +00:00
Sebastian Dröge
1d534ac209
qtdemux: Make sure only an even number of bytes is processed when handling CEA608 data
...
An odd number of bytes would lead to out of bound reads and writes, and doesn't
make any sense as CEA608 comes in byte pairs.
Strip off any leftover bytes and assume everything before that is valid.
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-195
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3841
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8059 >
2024-12-03 21:01:41 +00:00
Sebastian Dröge
5a9e80c01b
qtdemux: Check sizes of stsc/stco/stts before trying to merge entries
...
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-246
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3854
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8059 >
2024-12-03 21:01:41 +00:00
Sebastian Dröge
0f4dae9b01
qtdemux: Don't iterate over all trun entries if none of the flags are set
...
Nothing would be printed anyway.
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8059 >
2024-12-03 21:01:41 +00:00
Sebastian Dröge
cbd659c58f
qtdemux: Fix debug output during trun parsing
...
Various integers are unsigned so print them as such. Also print the actual
allocation size if allocation fails, not only parts of it.
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8059 >
2024-12-03 21:01:41 +00:00
Antonio Morales
ae61a604c0
qtdemux: Fix integer overflow when allocating the samples table for fragmented MP4
...
This can lead to out of bounds writes and NULL pointer dereferences.
Fixes GHSL-2024-094, GHSL-2024-237, GHSL-2024-241
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3839
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8059 >
2024-12-03 21:01:41 +00:00
Sebastian Dröge
474eb62d85
matroskademux: Put a copy of the codec data into the A_MS/ACM caps
...
The original codec data buffer is owned by matroskademux and does not
necessarily live as long as the caps.
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-280
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3894
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8057 >
2024-12-03 20:02:52 +00:00
Sebastian Dröge
b84a0f3263
matroskademux: Skip over zero-sized Xiph stream headers
...
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-251
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3867
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8057 >
2024-12-03 20:02:52 +00:00
Sebastian Dröge
c20eff779d
matroskademux: Skip over laces directly when postprocessing the frame fails
...
Otherwise NULL buffers might be handled afterwards.
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-249
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3865
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8057 >
2024-12-03 20:02:52 +00:00
Sebastian Dröge
395f2b3ffd
matroskademux: Don't take data out of an empty adapter when processing WavPack frames
...
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-249
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3865
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8057 >
2024-12-03 20:02:52 +00:00
Sebastian Dröge
8aa1c185cf
matroskademux: Check for big enough WavPack codec private data before accessing it
...
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-250
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3866
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8057 >
2024-12-03 20:02:52 +00:00
Sebastian Dröge
b7ad9a2c5d
matroskademux: Fix off-by-one when parsing multi-channel WavPack
...
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8057 >
2024-12-03 20:02:52 +00:00
Sebastian Dröge
c0dceda8e9
matroskademux: Only unmap GstMapInfo in WavPack header extraction error paths if previously mapped
...
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-197
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3863
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8057 >
2024-12-03 20:02:51 +00:00
Sebastian Dröge
0870e87c7c
avisubtitle: Fix size checks and avoid overflows when checking sizes
...
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-262
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3890
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8043 >
2024-12-03 18:57:06 +00:00
Sebastian Dröge
4f381d1501
wavparse: Check size before reading ds64 chunk
...
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-261
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3889
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8042 >
2024-12-03 18:03:43 +00:00
Sebastian Dröge
526d0eef0d
wavparse: Fix clipping of size to the file size
...
The size does not include the 8 bytes tag and length, so an additional 8 bytes
must be removed here. 8 bytes are always available at this point because
otherwise the parsing of the tag and length right above would've failed.
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-260
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3888
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8042 >
2024-12-03 18:03:43 +00:00
Sebastian Dröge
93d79c22a8
wavparse: Check that at least 32 bytes are available before parsing smpl chunks
...
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-259
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3887
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8042 >
2024-12-03 18:03:43 +00:00
Sebastian Dröge
c72025cabd
wavparse: Check that at least 4 bytes are available before parsing cue chunks
...
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8042 >
2024-12-03 18:03:43 +00:00
Sebastian Dröge
296e17b4ea
wavparse: Fix parsing of acid chunk
...
Simply casting the bytes to a struct can lead to crashes because of unaligned
reads, and is also missing the endianness swapping that is necessary on big
endian architectures.
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8042 >
2024-12-03 18:03:43 +00:00
Sebastian Dröge
4c198f4891
wavparse: Make sure enough data for the tag list tag is available before parsing
...
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-258
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3886
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8042 >
2024-12-03 18:03:43 +00:00
Sebastian Dröge
13b48016b3
wavparse: Check for short reads when parsing headers in pull mode
...
And also return the actual flow return to the caller instead of always returning
GST_FLOW_ERROR.
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-258, GHSL-2024-260
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3886
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3888
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8042 >
2024-12-03 18:03:43 +00:00
Sebastian Dröge
f8e398c46f
qtdemux: Avoid integer overflow when parsing Theora extension
...
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-166
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3851
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8032 >
2024-12-03 02:24:16 +00:00
Nicolas Dufresne
85969fdaa7
level: Fix integer overflow when filling LevelMeta
...
The level in GstAudioLevelMeta is represented as a signed 8bit value from 0 to
127 (with 127 meaning silence). When converting from double, make sure to clip
the value, this also prevent integer overflow in the conversion. This fixes an
issue where a lower then -127db is reported and random level with near silent
streams (due to integer overflow).
Fixes #4068
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8012 >
2024-12-02 19:08:49 +00:00
Sebastian Dröge
3cdc14df99
flvmux: Fix off-by-one in month/day-of-the-week array
...
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/4074
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8017 >
2024-12-01 09:49:29 +00:00
Sebastian Dröge
73ab6adaf5
rtspsrc: Update version of tcp-timestamp property to 1.24.10
...
It was backported to 1.24.
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8005 >
2024-11-29 11:12:04 +00:00
Sebastian Dröge
835e232e8c
rtspsrc: Use a flow combiner at the source pads instead of custom logic
...
Most importantly, this ensures that UDP streams still continue to run even if
they are not linked for a while. With decodebin3 the pads will all be unlinked
unless selected, and selecting a stream at a later time would otherwise switch
to a stream with a stopped udpsrc.
Apart from that this also ensures that actual errors from handling RTP packets
between udpsrc and the source pads are not silently ignored but considered
errors like they would be for TCP/interleaved.
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/7946 >
2024-11-28 09:40:21 +00:00
Sebastian Dröge
f880abba46
rtspsrc: Don't set pad event/query function twice
...
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/7946 >
2024-11-28 09:40:21 +00:00
Sebastian Dröge
025b4a2f8d
splitmuxsrc: Convert part reader to a bin with a non-async bus
...
A pipeline always has an async bus, which involves allocating an fd pair. As
splitmuxsrc only uses the bus' sync handler, this is not required and can easily
cause splitmuxsrc to exceed the fd limit for no good reason.
The other features of GstPipeline are also not needed here, e.g. clock selection.
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/7952 >
2024-11-25 15:55:50 +02:00
Diego Nieto
c10c55bc5a
rtpsource: include config.h header to avoid g_memdup2 link issue
...
Without adding the header a link issue related g_memdup2 might happen.
In versions below 2.67.4 that symbol is manually introduced in the
meson config files.
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/7933 >
2024-11-21 01:11:22 +00:00
Marek Olejnik
6f0304fc72
navigationtest: Fix plugin description
...
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/7922 >
2024-11-19 17:24:51 +00:00
Matthew Waters
1814d7ae11
rtph26xpay: silence some maybe-unitialized warnings
...
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/7875 >
2024-11-18 12:10:58 +11:00
Albert Sjolund
72edd65710
rtpmanager: don't map READWRITE in twcc header ext
...
There is no need to map the buffer as writable, as there is
only a read performed on the mapped buffer. This is in line
with other header extensions, as no other extensions maps
it as readwrite.
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/7895 >
2024-11-17 10:00:12 +00:00
Sebastian Dröge
2bbf095e5b
matroskamux: Simplify timestamp comparison logic in find_best_pad()
...
If a buffer has no timestamp it is immediately muxed so we can directly break
the loop and simplify comparisons in the other cases.
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/7872 >
2024-11-15 22:33:53 +00:00
Sebastian Dröge
a391728ad4
matroskamux: Don't time out in live mode if no timestamped next buffer is available
...
The muxer can only advance the time if it has a timestamped buffer that can be
output, otherwise it will just busy-wait and use up a lot of CPU.
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/7872 >
2024-11-15 22:33:53 +00:00
Philippe Normand
701f563996
matroskamux: Delay stream-header until all sink pads have caps
...
If we don't wait, an incomplete header might be generated due to a race between
the _aggregate thread and the sink pad setcaps.
Fixes #3929
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/7872 >
2024-11-15 22:33:53 +00:00
Jan Alexander Steffens (heftig)
65e071c1c8
flvmux: Mux timestampless buffers immediately
...
Instead of leaving them queued indefinitely, or until we're timing out
and it's the only buffer queued.
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/7871 >
2024-11-15 15:58:07 +00:00
Sebastian Dröge
969b51acb6
flvmux: Don't time out in live mode if no timestamped next buffer is available
...
But also don't wait for a buffer on both pads, which might take forever in case
of gaps in one of the streams.
The muxer can only advance the time if it has a timestamped buffer that can be
output, otherwise it will just busy-wait and use up a lot of CPU.
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/7871 >
2024-11-15 15:58:07 +00:00
Robert Rosengren
ff14e1a9e3
udpsrc: protect cancellable from unlock/unlock_stop race
...
Protect cancellable from simultaneous unlock and unlock_stop calls from
basesrc class.
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/7885 >
2024-11-15 10:33:44 +00:00
Dean Zhang (张安迪)
a7f35d4f3c
qtdemux: Add support for m1v fourcc when subtype is vide
...
Some special videos with mlv fourcc can't be recognized by
qtdemux when the subtype of the video is vide instead of
m1v, and will cause negotiation error in subsequent plugin.
So make the handle in qtdemux_video_caps. It might be better
than nothing.
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/7855 >
2024-11-11 12:04:04 +00:00
Jonas K Danielsson
20e3454c26
udpsrc: Disable allocated port reuse for unicast
...
The `reuse` property end up setting the SO_REUSEADDR socket option for
the UDP socket. This setting have surprising effects.
On Linux systems the man page (`socket(7)`) states:
```
SO_REUSEADDR
Indicates that the rules used in validating addresses supplied
in a bind(2) call should allow reuse of local addresses. For
AF_INET sockets this means that a socket may bind, except when
there is an active listening socket bound to the address.
```
But since UDP does not listen this ends up meaning that when an
ephemeral port is allocated (setting the `port` to `0`) the kernel is
free to reuse any other UDP port that has `SO_REUSEADDR` set.
Tests checking the likelyhood of port conflict when using multiple
`udpsrc` shows port conflicts starting to occur after ~100-300 udpsrc
with port allocation enabled. See issue #3411 for more details.
Changing the default value of a property is not a small thing we risk
breaking application that rely on the current default value. But since
the effects of having `reuse` default `TRUE` on can also have damaging
and hard-to-debug consequences, it might be worth to consider.
Having `SO_REUSEADDR` enabled for multicast, might have some use cases
but for unicast, with dynamic port allocation, it does not make sense.
When not using an multicast address we will disable port reuse if the
`port` property is set to 0 (=allocate) and warn the user that we did
so.
Closes #3411
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/7841 >
2024-11-06 10:21:14 +00:00
Philippe Normand
1e2d488e97
rtpfunnel: Ensure segment events are forwarded after flushs
...
gst_rtp_funnel_forward_segment() returns early when the current_pad is set.
Without clearing current_pad a critical warning would be emitted when
attempting to chain a buffer following a flush.
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/7830 >
2024-11-05 14:31:03 +00:00
Sebastian Dröge
2cc32434ad
rtph264depay, rtph265depay: various parameter-set string handling fixes
...
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/7804 >
2024-11-01 15:44:20 +00:00
Sebastian Dröge
4ea16ff146
flvmux: Consider timestamps before segment start to map to segment start
...
Instead of mapping them to running time 0, which is wrong if e.g. the segment
base is not equal to 0.
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/7780 >
2024-10-31 18:08:05 +00:00
Sebastian Dröge
356aca593d
flvmux: Use first running time on the initial header instead of 0
...
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/7780 >
2024-10-31 18:08:05 +00:00