Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP4:Update
gstreamer-0_10-plugins-good
gstreamer-CVE-2022-1921.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File gstreamer-CVE-2022-1921.patch of Package gstreamer-0_10-plugins-good
diff -urp gst-plugins-good-0.10.31.orig/gst/avi/gstavidemux.c gst-plugins-good-0.10.31/gst/avi/gstavidemux.c --- gst-plugins-good-0.10.31.orig/gst/avi/gstavidemux.c 2011-12-30 07:59:09.000000000 -0600 +++ gst-plugins-good-0.10.31/gst/avi/gstavidemux.c 2022-08-22 11:35:33.348446915 -0500 @@ -4454,8 +4454,8 @@ static GstBuffer * gst_avi_demux_invert (GstAviStream * stream, GstBuffer * buf) { GstStructure *s; - gint y, w, h; - gint bpp, stride; + guint y, w, h; + guint bpp, stride; guint8 *tmp = NULL; if (stream->strh->type != GST_RIFF_FCC_vids) @@ -4478,10 +4478,21 @@ gst_avi_demux_invert (GstAviStream * str h = stream->strf.vids->height; w = stream->strf.vids->width; + + if ((guint64) w * ((guint64) bpp / 8) > G_MAXUINT - 4) { + GST_WARNING ("Width x stride overflows"); + return buf; + } + + if (w == 0 || h == 0) { + GST_WARNING ("Zero width or height"); + return buf; + } + stride = GST_ROUND_UP_4 (w * (bpp / 8)); buf = gst_buffer_make_writable (buf); - if (GST_BUFFER_SIZE (buf) < (stride * h)) { + if (GST_BUFFER_SIZE (buf) < ((guint64) stride * (guint64) h)) { GST_WARNING ("Buffer is smaller than reported Width x Height x Depth"); return buf; } Only in gst-plugins-good-0.10.31/gst/avi: gstavidemux.c.orig Only in gst-plugins-good-0.10.31/gst/avi: gstavidemux.c.rej
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor