Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
Please login to access the resource
SUSE:SLE-12-SP5:Update
gstreamer-plugins-good.20669
0001-avidemux-Fix-various-out-of-bounds-reads-w...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 0001-avidemux-Fix-various-out-of-bounds-reads-when-parsing-ncdt.patch of Package gstreamer-plugins-good.20669
From 32d9f3c158b58984be7731434df619131c0736f7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com> Date: Fri, 20 Jan 2017 07:58:26 +0200 Subject: [PATCH] avidemux: Fix various out of bounds reads when parsing ncdt tags https://bugzilla.gnome.org/show_bug.cgi?id=777500 --- gst/avi/gstavidemux.c | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/gst/avi/gstavidemux.c b/gst/avi/gstavidemux.c index 4475576..d7afd1e 100644 --- a/gst/avi/gstavidemux.c +++ b/gst/avi/gstavidemux.c @@ -3896,6 +3896,7 @@ gst_avi_demux_parse_ncdt (GstAviDemux * avi, GstBuffer * buf, tsize -= 4; ptr += 4; + left -= 4; GST_DEBUG_OBJECT (avi, "sub-tag %u, size %u", sub_tag, sub_size); /* http://www.sno.phy.queensu.ca/~phil/exiftool/TagNames/Nikon.html#NCTG @@ -3914,10 +3915,12 @@ gst_avi_demux_parse_ncdt (GstAviDemux * avi, GstBuffer * buf, break; case 0x13: /* CreationDate */ type = GST_TAG_DATE_TIME; - if (ptr[4] == ':') - ptr[4] = '-'; - if (ptr[7] == ':') - ptr[7] = '-'; + if (left > 7) { + if (ptr[4] == ':') + ptr[4] = '-'; + if (ptr[7] == ':') + ptr[7] = '-'; + } break; default: type = NULL; @@ -3931,6 +3934,7 @@ gst_avi_demux_parse_ncdt (GstAviDemux * avi, GstBuffer * buf, ptr += sub_size; tsize -= sub_size; + left -= sub_size; } break; default:
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor