gstreamer/subprojects/gst-plugins-good/gst
Sebastian Dröge cf887f1b8e matroskademux: Avoid integer-overflow resulting in heap corruption in WavPack header handling code
blocksize + WAVPACK4_HEADER_SIZE might overflow gsize, which then
results in allocating a very small buffer. Into that buffer blocksize
data is memcpy'd later which then causes out of bound writes and can
potentially lead to anything from crashes to remote code execution.

Thanks to Adam Doupe for analyzing and reporting the issue.

CVE: CVE-2022-1920

https://gstreamer.freedesktop.org/security/sa-2022-0004.html

Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1226

Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/2612>
2022-06-15 18:35:12 +00:00
..
alpha Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
apetag Replace gst-i18n-*.h with gi18n-lib.h 2022-04-19 18:01:06 +00:00
audiofx Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
audioparsers aacparse: Avoid mismatch between src_caps and output_header_type 2022-06-06 15:09:09 +00:00
auparse Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
autodetect autodetect: fix debug init category 2022-01-28 10:35:35 +00:00
avi avidemux: Fix integer overflow resulting in heap corruption in DIB buffer inversion code 2022-06-15 16:40:48 +00:00
cutter cutter: Include running/stream-time in messages 2022-05-25 12:27:10 +00:00
debugutils navigation: Rename parse_state to parse_modifier_state 2022-04-01 06:38:43 +00:00
deinterlace deinterlace: Clean up error handling in chain and _push_history 2022-05-17 10:56:23 +00:00
dtmf Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
effectv Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
equalizer devenv: Add some missing GStreamer specific env variables 2022-02-25 20:35:26 +00:00
flv flvdemux: Make use of the streams API if used in a streams-aware bin 2022-06-07 10:52:46 +00:00
flx Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
goom Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
goom2k1 Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
icydemux Replace gst-i18n-*.h with gi18n-lib.h 2022-04-19 18:01:06 +00:00
id3demux Replace gst-i18n-*.h with gi18n-lib.h 2022-04-19 18:01:06 +00:00
imagefreeze Remove glib and gobject dependencies everywhere 2022-04-01 16:32:17 +00:00
interleave Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
isomp4 qtdemux: Fix integer overflows in zlib decompression code 2022-06-15 17:50:55 +00:00
law Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
level Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
matroska matroskademux: Avoid integer-overflow resulting in heap corruption in WavPack header handling code 2022-06-15 18:35:12 +00:00
monoscope Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
multifile splitmuxsrc: Re-queue sticky events after probing. 2022-05-17 11:55:40 +00:00
multipart Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
replaygain Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
rtp rtpgstpay: Don't push packets before the first input buffer is received 2022-04-27 11:55:17 +00:00
rtpmanager Bump GLib requirement to >= 2.62 2022-06-10 06:01:41 +00:00
rtsp Replace gst-i18n-*.h with gi18n-lib.h 2022-04-19 18:01:06 +00:00
shapewipe Remove glib and gobject dependencies everywhere 2022-04-01 16:32:17 +00:00
smpte smpte: Fix integer overflow with possible heap corruption in GstMask creation. 2022-06-15 14:53:50 +00:00
spectrum Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
udp Bump GLib requirement to >= 2.62 2022-06-10 06:01:41 +00:00
videobox all: Use new navigation interface and API 2022-03-23 13:14:52 +00:00
videocrop all: Use new navigation interface and API 2022-03-23 13:14:52 +00:00
videofilter all: Use new navigation interface and API 2022-03-23 13:14:52 +00:00
videomixer Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
wavenc Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
wavparse wavparse: fix typo in debug message 2022-05-16 19:31:18 +09:00
y4m Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
meson.build Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00