[Bug 724464] New: mpegts: does not check data sizes when parsing descriptors
GStreamer (bugzilla.gnome.org)
bugzilla at gnome.org
Sun Feb 16 01:00:23 PST 2014
https://bugzilla.gnome.org/show_bug.cgi?id=724464
GStreamer | gst-plugins-bad | git
Summary: mpegts: does not check data sizes when parsing
descriptors
Classification: Platform
Product: GStreamer
Version: git
OS/Version: Linux
Status: NEW
Severity: critical
Priority: Normal
Component: gst-plugins-bad
AssignedTo: gstreamer-bugs at lists.freedesktop.org
ReportedBy: slomo at coaxion.net
QAContact: gstreamer-bugs at lists.freedesktop.org
CC: t.i.m at zen.co.uk, bilboed at bilboed.com,
slomo at coaxion.net
GNOME version: ---
See summary, I noticed this while reviewing bug #724069. As these descriptors
come from an untrusted source I would say that checking at least the size
before parsing would make a lot of sense to prevent crashes and other
interesting effects.
--
Configure bugmail: https://bugzilla.gnome.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.
You are the assignee for the bug.
More information about the gstreamer-bugs
mailing list