mirrors/gstreamer
mirrors/gstreamer
1
1
Fork 0
mirror of https://gitlab.freedesktop.org/gstreamer/gstreamer.git synced 2024-07-04 13:45:52 +00:00
Code Issues 1 Projects Releases Wiki Activity
gstreamer/subprojects/gst-plugins-good/gst
History
Sebastian Dröge 14d306da6d qtdemux: Fix integer overflows in zlib decompression code 
Various variables were of smaller types than needed and there were no
checks for any overflows when doing additions on the sizes. This is all
checked now.

In addition the size of the decompressed data is limited to 200MB now as
any larger sizes are likely pathological and we can avoid out of memory
situations in many cases like this.

Also fix a bug where the available output size on the next iteration in
the zlib decompression code was provided too large and could
potentially lead to out of bound writes.

Thanks to Adam Doupe for analyzing and reporting the issue.

CVE: tbd

https://gstreamer.freedesktop.org/security/sa-2022-0003.html

Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1225

Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/2610>
2022-06-15 17:50:55 +00:00
..
alpha Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
apetag Replace gst-i18n-*.h with gi18n-lib.h 2022-04-19 18:01:06 +00:00
audiofx Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
audioparsers aacparse: Avoid mismatch between src_caps and output_header_type 2022-06-06 15:09:09 +00:00
auparse Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
autodetect autodetect: fix debug init category 2022-01-28 10:35:35 +00:00
avi avidemux: Fix integer overflow resulting in heap corruption in DIB buffer inversion code 2022-06-15 16:40:48 +00:00
cutter cutter: Include running/stream-time in messages 2022-05-25 12:27:10 +00:00
debugutils navigation: Rename parse_state to parse_modifier_state 2022-04-01 06:38:43 +00:00
deinterlace deinterlace: Clean up error handling in chain and _push_history 2022-05-17 10:56:23 +00:00
dtmf Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
effectv Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
equalizer devenv: Add some missing GStreamer specific env variables 2022-02-25 20:35:26 +00:00
flv flvdemux: Make use of the streams API if used in a streams-aware bin 2022-06-07 10:52:46 +00:00
flx Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
goom Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
goom2k1 Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
icydemux Replace gst-i18n-*.h with gi18n-lib.h 2022-04-19 18:01:06 +00:00
id3demux Replace gst-i18n-*.h with gi18n-lib.h 2022-04-19 18:01:06 +00:00
imagefreeze Remove glib and gobject dependencies everywhere 2022-04-01 16:32:17 +00:00
interleave Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
isomp4 qtdemux: Fix integer overflows in zlib decompression code 2022-06-15 17:50:55 +00:00
law Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
level Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
matroska matroskademux: Fix integer overflows in zlib/bz2/etc decompression code 2022-06-15 17:50:55 +00:00
monoscope Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
multifile splitmuxsrc: Re-queue sticky events after probing. 2022-05-17 11:55:40 +00:00
multipart Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
replaygain Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
rtp rtpgstpay: Don't push packets before the first input buffer is received 2022-04-27 11:55:17 +00:00
rtpmanager Bump GLib requirement to >= 2.62 2022-06-10 06:01:41 +00:00
rtsp Replace gst-i18n-*.h with gi18n-lib.h 2022-04-19 18:01:06 +00:00
shapewipe Remove glib and gobject dependencies everywhere 2022-04-01 16:32:17 +00:00
smpte smpte: Fix integer overflow with possible heap corruption in GstMask creation. 2022-06-15 14:53:50 +00:00
spectrum Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
udp Bump GLib requirement to >= 2.62 2022-06-10 06:01:41 +00:00
videobox all: Use new navigation interface and API 2022-03-23 13:14:52 +00:00
videocrop all: Use new navigation interface and API 2022-03-23 13:14:52 +00:00
videofilter all: Use new navigation interface and API 2022-03-23 13:14:52 +00:00
videomixer Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
wavenc Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
wavparse wavparse: fix typo in debug message 2022-05-16 19:31:18 +09:00
y4m Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
meson.build Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00