From d21017b52a585f145e8d62781bcc1c5fefc7ee37 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
Date: Tue, 31 Jan 2017 13:50:21 +0200
Subject: asfdemux: Check that we have enough data available before parsing
bool/uint extended content descriptors
https://bugzilla.gnome.org/show_bug.cgi?id=777955
--- a/gst/asfdemux/gstasfdemux.c
+++ b/gst/asfdemux/gstasfdemux.c
@@ -2690,7 +2690,12 @@
break;
}
case ASF_DEMUX_DATA_TYPE_DWORD:{
- guint uint_val = GST_READ_UINT32_LE (value);
+ guint uint_val;
+
+ if (value_len < 4)
+ break;
+
+ uint_val = GST_READ_UINT32_LE (value);
/* this is the track number */
g_value_init (&tag_value, G_TYPE_UINT);
distrib
>
Mageia
>
6
>
armv7hl
>
media
>
tainted-updates-src
>
by-pkgid
>
762dbd22c88b53fdca1bd80563fa1030
>
files
>
2
