diff options
| author | Khem Raj <raj.khem@gmail.com> | 2019-03-15 18:36:40 -0700 |
|---|---|---|
| committer | Khem Raj <raj.khem@gmail.com> | 2019-03-16 01:12:05 -0700 |
| commit | 010c2f388095c1615b99d9f38a26bbd0c9e77b39 (patch) | |
| tree | 2563293e9fc25f1db158467f7909c48c0ae78e23 /meta-multimedia/recipes-multimedia/gstreamer-0.10/gst-plugins-bad/buffer-overflow-mp4.patch | |
| parent | 5c2c565e1de97a0f1c7b23fc5a136280e7f3eff2 (diff) | |
| download | meta-openembedded-010c2f388095c1615b99d9f38a26bbd0c9e77b39.tar.gz | |
gstreamer-0.10: Remove recipes
It has been over 5+ years for migration to gstreamer 1.x
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Diffstat (limited to 'meta-multimedia/recipes-multimedia/gstreamer-0.10/gst-plugins-bad/buffer-overflow-mp4.patch')
| -rw-r--r-- | meta-multimedia/recipes-multimedia/gstreamer-0.10/gst-plugins-bad/buffer-overflow-mp4.patch | 36 |
1 files changed, 0 insertions, 36 deletions
diff --git a/meta-multimedia/recipes-multimedia/gstreamer-0.10/gst-plugins-bad/buffer-overflow-mp4.patch b/meta-multimedia/recipes-multimedia/gstreamer-0.10/gst-plugins-bad/buffer-overflow-mp4.patch deleted file mode 100644 index 235acda8bf..0000000000 --- a/meta-multimedia/recipes-multimedia/gstreamer-0.10/gst-plugins-bad/buffer-overflow-mp4.patch +++ /dev/null | |||
| @@ -1,36 +0,0 @@ | |||
| 1 | Description: Fix buffer overflow in mp4 parsing | ||
| 2 | Author: Ralph Giles <giles@mozilla.com> | ||
| 3 | --- | ||
| 4 | Backport patch from debian to fix CVE-2015-0797. | ||
| 5 | https://sources.debian.net/data/main/g/gst-plugins-bad0.10/0.10.23-7.1+deb7u2/debian/patches/buffer-overflow-mp4.patch | ||
| 6 | |||
| 7 | Upstream-Status: Backport | ||
| 8 | |||
| 9 | Signed-off-by: Kai Kang <kai.kang@windriver.com> | ||
| 10 | --- | ||
| 11 | --- gst-plugins-bad0.10-0.10.23.orig/gst/videoparsers/gsth264parse.c | ||
| 12 | +++ gst-plugins-bad0.10-0.10.23/gst/videoparsers/gsth264parse.c | ||
| 13 | @@ -384,6 +384,11 @@ gst_h264_parse_wrap_nal (GstH264Parse * | ||
| 14 | |||
| 15 | GST_DEBUG_OBJECT (h264parse, "nal length %d", size); | ||
| 16 | |||
| 17 | + if (size > G_MAXUINT32 - nl) { | ||
| 18 | + GST_ELEMENT_ERROR (h264parse, STREAM, FAILED, (NULL), | ||
| 19 | + ("overflow in nal size")); | ||
| 20 | + return NULL; | ||
| 21 | + } | ||
| 22 | buf = gst_buffer_new_and_alloc (size + nl + 4); | ||
| 23 | if (format == GST_H264_PARSE_FORMAT_AVC) { | ||
| 24 | GST_WRITE_UINT32_BE (GST_BUFFER_DATA (buf), size << (32 - 8 * nl)); | ||
| 25 | @@ -452,6 +457,11 @@ gst_h264_parse_process_nal (GstH264Parse | ||
| 26 | GST_DEBUG_OBJECT (h264parse, "not processing nal size %u", nalu->size); | ||
| 27 | return; | ||
| 28 | } | ||
| 29 | + if (G_UNLIKELY (nalu->size > 20 * 1024 * 1024)) { | ||
| 30 | + GST_DEBUG_OBJECT (h264parse, "not processing nal size %u (too big)", | ||
| 31 | + nalu->size); | ||
| 32 | + return; | ||
| 33 | + } | ||
| 34 | |||
| 35 | /* we have a peek as well */ | ||
| 36 | nal_type = nalu->type; | ||
