mirror of
https://gitlab.freedesktop.org/gstreamer/gstreamer.git
synced 2024-10-08 03:32:18 +00:00
14d306da6d
Various variables were of smaller types than needed and there were no checks for any overflows when doing additions on the sizes. This is all checked now. In addition the size of the decompressed data is limited to 200MB now as any larger sizes are likely pathological and we can avoid out of memory situations in many cases like this. Also fix a bug where the available output size on the next iteration in the zlib decompression code was provided too large and could potentially lead to out of bound writes. Thanks to Adam Doupe for analyzing and reporting the issue. CVE: tbd https://gstreamer.freedesktop.org/security/sa-2022-0003.html Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1225 Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/2610> |
||
|---|---|---|
| .. | ||
| atoms.c | ||
| atoms.h | ||
| atomsrecovery.c | ||
| atomsrecovery.h | ||
| descriptors.c | ||
| descriptors.h | ||
| fourcc.h | ||
| gstisoff.c | ||
| gstisoff.h | ||
| gstisomp4element.c | ||
| gstisomp4elements.h | ||
| gstqtmoovrecover.c | ||
| gstqtmoovrecover.h | ||
| gstqtmux-doc.c | ||
| gstqtmux-doc.h | ||
| gstqtmux.c | ||
| gstqtmux.h | ||
| GstQTMux.prs | ||
| gstqtmuxmap.c | ||
| gstqtmuxmap.h | ||
| gstrtpxqtdepay.c | ||
| gstrtpxqtdepay.h | ||
| isomp4-plugin.c | ||
| LEGAL | ||
| meson.build | ||
| properties.c | ||
| properties.h | ||
| qtatomparser.h | ||
| qtdemux-webvtt.c | ||
| qtdemux-webvtt.h | ||
| qtdemux.c | ||
| qtdemux.h | ||
| qtdemux_debug.h | ||
| qtdemux_dump.c | ||
| qtdemux_dump.h | ||
| qtdemux_lang.c | ||
| qtdemux_lang.h | ||
| qtdemux_tags.c | ||
| qtdemux_tags.h | ||
| qtdemux_tree.c | ||
| qtdemux_tree.h | ||
| qtdemux_types.c | ||
| qtdemux_types.h | ||
| qtpalette.h | ||