mirrors/gstreamer
mirrors/gstreamer
1
1
Fork 0
mirror of https://gitlab.freedesktop.org/gstreamer/gstreamer.git synced 2024-12-26 10:10:32 +00:00
Code Issues 1 Projects Releases Wiki Activity
gstreamer/subprojects/gst-plugins-good/gst
History
Sebastian Dröge fafb028196 matroskademux: Fix integer overflows in zlib/bz2/etc decompression code 
Various variables were of smaller types than needed and there were no
checks for any overflows when doing additions on the sizes. This is all
checked now.

In addition the size of the decompressed data is limited to 120MB now as
any larger sizes are likely pathological and we can avoid out of memory
situations in many cases like this.

Also fix a bug where the available output size on the next iteration in
the zlib/bz2 decompression code was provided too large and could
potentially lead to out of bound writes.

Thanks to Adam Doupe for analyzing and reporting the issue.

CVE: CVE-2022-1922, CVE-2022-1923, CVE-2022-1924, CVE-2022-1925

https://gstreamer.freedesktop.org/security/sa-2022-0002.html

Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1225

Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/2611>
2022-06-15 17:14:31 +01:00
..
alpha Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
apetag Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
audiofx Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
audioparsers aacparse: Avoid mismatch between src_caps and output_header_type 2022-06-06 17:35:49 +01:00
auparse Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
autodetect autodetect: fix debug init category 2022-01-28 10:35:35 +00:00
avi avidemux: Fix integer overflow resulting in heap corruption in DIB buffer inversion code 2022-06-15 14:53:00 +00:00
cutter Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
debugutils Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
deinterlace deinterlace: Clean up error handling in chain and _push_history 2022-05-18 09:27:46 +01:00
dtmf Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
effectv Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
equalizer docs: fix unnecessary ampersand, < and > escaping in code blocks 2021-11-12 11:39:19 +00:00
flv flvdemux: Actually make use of the debug category 2022-06-06 16:14:50 +01:00
flx Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
goom Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
goom2k1 Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
icydemux Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
id3demux Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
imagefreeze imagefreeze: Fix example launch line format issue 2022-01-20 18:12:39 +00:00
interleave Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
isomp4 qtdemux: Don't use tfdt for parsing subsequent trun boxes 2022-05-13 19:27:57 +01:00
law Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
level Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
matroska matroskademux: Fix integer overflows in zlib/bz2/etc decompression code 2022-06-15 17:14:31 +01:00
monoscope Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
multifile splitmuxsink: Warn when calculating the next fragment time in timecode mode fails 2022-01-25 12:08:20 +00:00
multipart Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
replaygain Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
rtp rtpredenc: quieten warning about ignoring header extensions 2022-04-23 13:27:55 +01:00
rtpmanager rtpptdemux: Don't GST_FLOW_ERROR when ignoring invalid packets 2022-05-29 13:02:03 +01:00
rtsp rtspsrc: Fix critical while serializing timeout element message 2022-01-26 11:07:07 +00:00
shapewipe Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
smpte smpte: Fix integer overflow with possible heap corruption in GstMask creation. 2022-06-15 13:34:32 +01:00
spectrum Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
udp Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
videobox Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
videocrop Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
videofilter Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
videomixer Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
wavenc Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
wavparse wavparse: ensure that any pending segment is sent before an EOS event is sent 2022-05-05 01:29:07 +01:00
y4m Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00
meson.build Move files from gst-plugins-good into the "subprojects/gst-plugins-good/" subdir 2021-09-24 16:13:50 -03:00