diff options
author | Sebastian Dröge <sebastian@centricular.com> | 2017-06-14 00:09:25 +0300 |
---|---|---|
committer | Sebastian Dröge <sebastian@centricular.com> | 2017-06-14 00:12:40 +0300 |
commit | a6aed59d73384abbddb5a179c3236abf89b65c0a (patch) | |
tree | 326b8a35c707cab35ac0ce1c45e851be739c4586 | |
parent | 07050121aaa3931070c1c3856d026b8de59ab8b7 (diff) | |
download | gstreamer-plugins-good-a6aed59d73384abbddb5a179c3236abf89b65c0a.tar.gz |
wavparse: Actually clip to upstream size instead of size of the data chunk
There might be other chunks after the data chunk, so clipping the chunk
size with the data size can lead to a negative number and all following
calculations go wrong and cause crashes or worse.
This was introduced in 3ac119bbe2c360e28c087cf3852ea769d611b120.
https://bugzilla.gnome.org/show_bug.cgi?id=783760
-rw-r--r-- | gst/wavparse/gstwavparse.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/gst/wavparse/gstwavparse.c b/gst/wavparse/gstwavparse.c index bafd4a7d6..e2224a581 100644 --- a/gst/wavparse/gstwavparse.c +++ b/gst/wavparse/gstwavparse.c @@ -1285,9 +1285,10 @@ gst_wavparse_stream_headers (GstWavParse * wav) } /* Clip to upstream size if known */ - if (wav->datasize > 0 && size + wav->offset > wav->datasize) { + if (upstream_size > 0 && size + wav->offset > upstream_size) { GST_WARNING_OBJECT (wav, "Clipping chunk size to file size"); - size = wav->datasize - wav->offset; + g_assert (upstream_size >= wav->offset); + size = upstream_size - wav->offset; } /* wav is a st00pid format, we don't know for sure where data starts. |