[Bug 752495] New: [SECURITY] _fallback_mem_copy may read befor and after valid data
GStreamer (GNOME Bugzilla)
bugzilla at gnome.org
Thu Jul 16 07:52:53 PDT 2015
https://bugzilla.gnome.org/show_bug.cgi?id=752495
Bug ID: 752495
Summary: [SECURITY] _fallback_mem_copy may read befor and after
valid data
Classification: Platform
Product: GStreamer
Version: git master
OS: All
Status: NEW
Severity: normal
Priority: Normal
Component: gstreamer (core)
Assignee: gstreamer-bugs at lists.freedesktop.org
Reporter: scabot at gmail.com
QA Contact: gstreamer-bugs at lists.freedesktop.org
GNOME version: ---
_fallback_mem_copy in gstallocator.c does not check the bounds of the requested
copy.
1. The offset of the copy may be negative so reads starting before the valid
data are possible.
2. (offset + size) are not checked to see if the sum falls outside the valid
data region so data can be read from after the end of the buffer.
This lack of bounds checking poses a security risk as well as making gstreamer
less robust.
--
You are receiving this mail because:
You are the QA Contact for the bug.
You are the assignee for the bug.
More information about the gstreamer-bugs
mailing list