File CVE-2025-47219.patch of Package gstreamer-plugins-good.39155

From b80803943388050cb870c95934fc52feeffb94ac Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
Date: Sat, 3 May 2025 09:43:32 +0300
Subject: [PATCH] qtdemux: Check if enough bytes are available for each stsd
 entry

There must be at least 8 bytes for the length / fourcc of each entry. After
reading those, the length is already validated against the remaining available
bytes.

Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/4407
Fixes CVE-2025-47219

Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/9137>
---
diff -urp gst-plugins-good-1.24.0.orig/gst/isomp4/qtdemux.c gst-plugins-good-1.24.0/gst/isomp4/qtdemux.c
--- gst-plugins-good-1.24.0.orig/gst/isomp4/qtdemux.c	2025-06-10 16:47:14.210218110 -0500
+++ gst-plugins-good-1.24.0/gst/isomp4/qtdemux.c	2025-06-10 16:47:28.293342620 -0500
@@ -11946,6 +11946,10 @@ qtdemux_parse_trak (GstQTDemux * qtdemux
     gchar *codec = NULL;
     QtDemuxStreamStsdEntry *entry = &stream->stsd_entries[stsd_index];
 
+    /* needs at least length and fourcc */
+    if (remaining_stsd_len < 8)
+      goto corrupt_file;
+
     /* and that entry should fit within stsd */
     len = QT_UINT32 (stsd_entry_data);
     if (len > remaining_stsd_len)
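
Review bot: The new `remaining_stsd_len < 8` guard makes the `QT_UINT32 (stsd_entry_data)` read safe, but the visible checks still put no lower bound on `len`: an entry that declares a length below 8 (including 0) passes both this guard and the `len > remaining_stsd_len` test that follows. Unless that case is rejected further down, outside this hunk, consider tightening the existing test to `if (len < 8 || len > remaining_stsd_len)` so an entry cannot claim to be smaller than its own length / fourcc header. The comment could also state that the 8 is the 4-byte length plus the 4-byte fourcc, as the commit message does, so the constant is self-explanatory at the call site.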