gstreamer1-plugins-good/0008-wavparse-Check-that-at-least-32-bytes-are-available-.patch

From ae4fb8fa16cbef636e90afe1d321e06bae2ff6df Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
Date: Fri, 4 Oct 2024 13:22:02 +0300
Subject: [PATCH 08/28] wavparse: Check that at least 32 bytes are available
 before parsing smpl chunks

Thanks to Antonio Morales for finding and reporting the issue.

Fixes GHSL-2024-259
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3887

Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8042>
---
 subprojects/gst-plugins-good/gst/wavparse/gstwavparse.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/subprojects/gst-plugins-good/gst/wavparse/gstwavparse.c b/subprojects/gst-plugins-good/gst/wavparse/gstwavparse.c
index c36920501e..e42bb24b9b 100644
--- a/subprojects/gst-plugins-good/gst/wavparse/gstwavparse.c
+++ b/subprojects/gst-plugins-good/gst/wavparse/gstwavparse.c
@@ -893,6 +893,9 @@ gst_wavparse_smpl_chunk (GstWavParse * wav, const guint8 * data, guint32 size)
 {
   guint32 note_number;
 
+  if (size < 32)
+    return FALSE;
+
   /*
      manufacturer_id = GST_READ_UINT32_LE (data);
      product_id = GST_READ_UINT32_LE (data + 4);
-- 
2.47.0
Apply patches for CVE-2024-47537, CVE-2024-47539, CVE-2024-47540 CVE-2024-47543, CVE-2024-47544, CVE-2024-47545, CVE-2024-47546, CVE-2024-47596, CVE-2024-47597, CVE-2024-47598, CVE-2024-47599, CVE-2024-47601, CVE-2024-47602, CVE-2024-47603, CVE-2024-47606, CVE-2024-47613, CVE-2024-47774, CVE-2024-47775, CVE-2024-47776, CVE-2024-47777, CVE-2024-47778, CVE-2024-47834 Resolves: RHEL-70958, RHEL-70971, RHEL-71033, RHEL-71195 Resolves: RHEL-71210, RHEL-71202, RHEL-71171, RHEL-71200 Resolves: RHEL-71206, RHEL-71173, RHEL-71198, RHEL-71204 Resolves: RHEL-71208, RHEL-71031, RHEL-71007, RHEL-71039 Resolves: RHEL-71169, RHEL-71192, RHEL-71161, RHEL-71167 Resolves: RHEL-71189 2024-12-13 16:30:57 +00:00			`From ae4fb8fa16cbef636e90afe1d321e06bae2ff6df Mon Sep 17 00:00:00 2001`
			`From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>`
			`Date: Fri, 4 Oct 2024 13:22:02 +0300`
			`Subject: [PATCH 08/28] wavparse: Check that at least 32 bytes are available`
			`before parsing smpl chunks`

			`Thanks to Antonio Morales for finding and reporting the issue.`

			`Fixes GHSL-2024-259`
			`Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3887`

			`Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8042>`
			`---`
			`subprojects/gst-plugins-good/gst/wavparse/gstwavparse.c \| 3 +++`
			`1 file changed, 3 insertions(+)`

			`diff --git a/subprojects/gst-plugins-good/gst/wavparse/gstwavparse.c b/subprojects/gst-plugins-good/gst/wavparse/gstwavparse.c`
			`index c36920501e..e42bb24b9b 100644`
			`--- a/subprojects/gst-plugins-good/gst/wavparse/gstwavparse.c`
			`+++ b/subprojects/gst-plugins-good/gst/wavparse/gstwavparse.c`
			`@@ -893,6 +893,9 @@ gst_wavparse_smpl_chunk (GstWavParse * wav, const guint8 * data, guint32 size)`
			`{`
			`guint32 note_number;`

			`+ if (size < 32)`
			`+ return FALSE;`
			`+`
			`/*`
			`manufacturer_id = GST_READ_UINT32_LE (data);`
			`product_id = GST_READ_UINT32_LE (data + 4);`
			`--`
			`2.47.0`