gstreamer/subprojects/gst-plugins-good/gst
Sebastian Dröge 526d0eef0d wavparse: Fix clipping of size to the file size
The size does not include the 8 bytes tag and length, so an additional 8 bytes
must be removed here. 8 bytes are always available at this point because
otherwise the parsing of the tag and length right above would've failed.

Thanks to Antonio Morales for finding and reporting the issue.

Fixes GHSL-2024-260
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3888

Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8042>
2024-12-03 18:03:43 +00:00
..
alpha doc: Fix newline char between authors 2023-05-20 05:48:23 +00:00
apetag gst-plugins-good: re-indent with GNU indent 2.2.12 2023-03-17 03:18:54 +00:00
audiofx gst-plugins-good: re-indent with GNU indent 2.2.12 2023-03-17 03:18:54 +00:00
audioparsers flacparse: fix buffer overflow in gst_flac_parse_frame_is_valid 2024-05-27 23:31:44 +00:00
auparse meson: Call pkgconfig.generate in the loop where we declare plugins dependencies 2022-09-01 21:17:35 +00:00
autodetect meson: Call pkgconfig.generate in the loop where we declare plugins dependencies 2022-09-01 21:17:35 +00:00
avi gst-plugins-good: re-indent with GNU indent 2.2.12 2023-03-17 03:18:54 +00:00
cutter cutter: add audio-level-meta 2024-02-08 13:52:40 +00:00
debugutils navigationtest: Fix plugin description 2024-11-19 17:24:51 +00:00
deinterlace common: Use more efficient versions of GstCapsFeatures API where possible 2024-09-26 19:26:18 +03:00
dtmf rtpdtmfsrc: minor logging clean-up 2024-06-19 07:32:49 +00:00
effectv meson: Call pkgconfig.generate in the loop where we declare plugins dependencies 2022-09-01 21:17:35 +00:00
equalizer meson: Call pkgconfig.generate in the loop where we declare plugins dependencies 2022-09-01 21:17:35 +00:00
flv flvmux: Fix off-by-one in month/day-of-the-week array 2024-12-01 09:49:29 +00:00
flx meson: Call pkgconfig.generate in the loop where we declare plugins dependencies 2022-09-01 21:17:35 +00:00
goom gst-plugins-good: re-indent with GNU indent 2.2.12 2023-03-17 03:18:54 +00:00
goom2k1 meson: Call pkgconfig.generate in the loop where we declare plugins dependencies 2022-09-01 21:17:35 +00:00
icydemux meson: Call pkgconfig.generate in the loop where we declare plugins dependencies 2022-09-01 21:17:35 +00:00
id3demux meson: Call pkgconfig.generate in the loop where we declare plugins dependencies 2022-09-01 21:17:35 +00:00
imagefreeze imagefreeze: Add support for JPEG / PNG 2024-10-18 06:53:04 +00:00
interleave gst-plugins-good: use g_sort_array() instead of deprecated g_qsort_with_data() 2024-09-02 22:31:34 +00:00
isomp4 qtdemux: Avoid integer overflow when parsing Theora extension 2024-12-03 02:24:16 +00:00
law meson: Call pkgconfig.generate in the loop where we declare plugins dependencies 2022-09-01 21:17:35 +00:00
level level: Fix integer overflow when filling LevelMeta 2024-12-02 19:08:49 +00:00
matroska matroskamux: Simplify timestamp comparison logic in find_best_pad() 2024-11-15 22:33:53 +00:00
monoscope video: Don't overshoot QoS earliest time by a factor of 2 2024-09-13 19:52:52 +00:00
multifile splitmuxsrc: Convert part reader to a bin with a non-async bus 2024-11-25 15:55:50 +02:00
multipart meson: Call pkgconfig.generate in the loop where we declare plugins dependencies 2022-09-01 21:17:35 +00:00
replaygain meson: Call pkgconfig.generate in the loop where we declare plugins dependencies 2022-09-01 21:17:35 +00:00
rtp rtph26xpay: silence some maybe-unitialized warnings 2024-11-18 12:10:58 +11:00
rtpmanager rtpsource: include config.h header to avoid g_memdup2 link issue 2024-11-21 01:11:22 +00:00
rtsp rtspsrc: Update version of tcp-timestamp property to 1.24.10 2024-11-29 11:12:04 +00:00
shapewipe video: Don't overshoot QoS earliest time by a factor of 2 2024-09-13 19:52:52 +00:00
smpte meson: Call pkgconfig.generate in the loop where we declare plugins dependencies 2022-09-01 21:17:35 +00:00
spectrum meson: Call pkgconfig.generate in the loop where we declare plugins dependencies 2022-09-01 21:17:35 +00:00
udp udpsrc: protect cancellable from unlock/unlock_stop race 2024-11-15 10:33:44 +00:00
videobox videocrop, videobox: Simplify navigation event handling and support touch events 2022-11-11 06:45:49 +00:00
videocrop videocrop, videobox: Simplify navigation event handling and support touch events 2022-11-11 06:45:49 +00:00
videofilter videoflip: fix concurrent access when modifying the tag list 2023-07-25 15:18:05 +02:00
videomixer video: Don't overshoot QoS earliest time by a factor of 2 2024-09-13 19:52:52 +00:00
wavenc gst-plugins-good: re-indent with GNU indent 2.2.12 2023-03-17 03:18:54 +00:00
wavparse wavparse: Fix clipping of size to the file size 2024-12-03 18:03:43 +00:00
xingmux xingmux: drop use of GSlice 2023-01-24 15:25:06 +00:00
y4m meson: Call pkgconfig.generate in the loop where we declare plugins dependencies 2022-09-01 21:17:35 +00:00
meson.build xingmux: move from gst-plugins-ugly to gst-plugins-good 2022-10-25 12:40:20 +00:00