gstreamer/subprojects/gst-plugins-good/gst/matroska
Sebastian Dröge ad6012159a matroskademux: Fix integer overflows in zlib/bz2/etc decompression code
Various variables were of smaller types than needed and there were no
checks for any overflows when doing additions on the sizes. This is all
checked now.

In addition the size of the decompressed data is limited to 120MB now as
any larger sizes are likely pathological and we can avoid out of memory
situations in many cases like this.

Also fix a bug where the available output size on the next iteration in
the zlib/bz2 decompression code was provided too large and could
potentially lead to out of bound writes.

Thanks to Adam Doupe for analyzing and reporting the issue.

CVE: CVE-2022-1922, CVE-2022-1923, CVE-2022-1924, CVE-2022-1925

https://gstreamer.freedesktop.org/security/sa-2022-0002.html

Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1225

Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/2610>
2022-06-15 17:50:55 +00:00
..
ebml-ids.h
ebml-read.c matroska: Use g_array_unref everywhere 2021-11-12 12:28:40 +00:00
ebml-read.h
ebml-write.c
ebml-write.h
gstmatroskaelement.c Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
gstmatroskaelements.h
lzo.c
lzo.h
matroska-demux.c matroska: Fix AV1 alignment to TU 2022-03-04 21:58:15 +00:00
matroska-demux.h matroskademux: Don't parse Tracks element twice 2022-03-01 13:17:40 +00:00
matroska-ids.c matroska: Use g_array_unref everywhere 2021-11-12 12:28:40 +00:00
matroska-ids.h
matroska-mux.c matroska: Fix AV1 alignment to TU 2022-03-04 21:58:15 +00:00
matroska-mux.h
matroska-parse.c
matroska-parse.h
matroska-read-common.c matroskademux: Fix integer overflows in zlib/bz2/etc decompression code 2022-06-15 17:50:55 +00:00
matroska-read-common.h
matroska.c
meson.build
webm-mux.c
webm-mux.h