[Bug 791606] New: Seg fault in vorbis parse plugin for corrupt stream
GStreamer (GNOME Bugzilla)
bugzilla at gnome.org
Thu Dec 14 11:11:57 UTC 2017
https://bugzilla.gnome.org/show_bug.cgi?id=791606
Bug ID: 791606
Summary: Seg fault in vorbis parse plugin for corrupt stream
Classification: Platform
Product: GStreamer
Version: 1.13.x
OS: Linux
Status: NEW
Severity: critical
Priority: Normal
Component: gst-plugins-base
Assignee: gstreamer-bugs at lists.freedesktop.org
Reporter: Vijay.Palaniswamy at in.bosch.com
QA Contact: gstreamer-bugs at lists.freedesktop.org
GNOME version: ---
If header type field is corrupted .Crash is observed in vorbisparse plugin.
1 for identification Header
3 for comment header
5 setup header
If Second or third packet header type [Eg: 3 or 5] is corrupted, leads to
vorbis parse plugin segfault.
Reason for segfault:
trying to access fileds in "parse->streamheader" in function
"vorbis_parse_push_headers"
Solution:
Need to proper check while parsing header in function
"vorbis_parse_parse_packet"
Call stack:
(gdb) bt
#0 0x00007ffff43a731d in vorbis_parse_push_headers (parse=0x803070) at
gstvorbisparse.c:203
#1 vorbis_parse_parse_packet (parse=0x803070, buf=0x7fffec007000) at
gstvorbisparse.c:415
#2 0x00007ffff7b1b59f in ?? () from
/usr/lib/x86_64-linux-gnu/libgstreamer-1.0.so.0
#3 0x00007ffff7b23543 in gst_pad_push () from
/usr/lib/x86_64-linux-gnu/libgstreamer-1.0.so.0
#4 0x00007ffff57bebc6 in gst_ogg_demux_chain_peer
(pad=pad at entry=0x7fffec008830, packet=packet at entry=0x7ffff3ec8ac0,
push_headers=<optimized out>) at gstoggdemux.c:816
#5 0x00007ffff57c02e8 in gst_ogg_pad_submit_packet (packet=0x7ffff3ec8ac0,
pad=0x7fffec008830) at gstoggdemux.c:1231
#6 gst_ogg_pad_stream_out (pad=pad at entry=0x7fffec008830,
npackets=npackets at entry=0) at gstoggdemux.c:1270
--
You are receiving this mail because:
You are the QA Contact for the bug.
You are the assignee for the bug.
More information about the gstreamer-bugs
mailing list