openkylin
/
gst-plugins-good1.0
mirror of https://gitee.com/openkylin/gst-plugins-good1.0.git
9
0
Fork 0
Code Issues Projects Releases Wiki Activity

CVE-2023-37327 安全更新: 修复了gst-plugins-good1.0中的任意代码执行漏洞

This commit is contained in:
MYe 2023-12-22 04:29:54 -05:00
parent fca2216654
commit 54c0f7e86b
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
gst/audioparsers/gstflacparse.c
View File

@ -1109,6 +1109,7 @@ gst_flac_parse_handle_picture (GstFlacParse * flacparse, GstBuffer * buffer)
GstMapInfo map;
guint32 img_len = 0, img_type = 0;
guint32 img_mimetype_len = 0, img_description_len = 0;
const guint8 *img_data;
gst_buffer_map (buffer, &map, GST_MAP_READ);
gst_byte_reader_init (&reader, map.data, map.size);
@ -1135,7 +1136,7 @@ gst_flac_parse_handle_picture (GstFlacParse * flacparse, GstBuffer * buffer)
if (!gst_byte_reader_get_uint32_be (&reader, &img_len))
goto error;
if (gst_byte_reader_get_pos (&reader) + img_len > map.size)
if (!gst_byte_reader_get_data (&reader, img_len, &img_data))
goto error;
GST_INFO_OBJECT (flacparse, "Got image of %d bytes", img_len);
@ -1144,8 +1145,7 @@ gst_flac_parse_handle_picture (GstFlacParse * flacparse, GstBuffer * buffer)
if (flacparse->tags == NULL)
flacparse->tags = gst_tag_list_new_empty ();
gst_tag_list_add_id3_image (flacparse->tags,
map.data + gst_byte_reader_get_pos (&reader), img_len, img_type);
gst_tag_list_add_id3_image (flacparse->tags, img_data, img_len, img_type);
}
gst_buffer_unmap (buffer, &map);