From 5a9abc018ebe1ffa5412bf3f7ad9fde414ef8b68 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= Date: Fri, 4 Oct 2024 13:21:44 +0300 Subject: [PATCH 07/28] wavparse: Check that at least 4 bytes are available before parsing cue chunks Part-of: --- subprojects/gst-plugins-good/gst/wavparse/gstwavparse.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/subprojects/gst-plugins-good/gst/wavparse/gstwavparse.c b/subprojects/gst-plugins-good/gst/wavparse/gstwavparse.c index 5ccf7cd1e1..c36920501e 100644 --- a/subprojects/gst-plugins-good/gst/wavparse/gstwavparse.c +++ b/subprojects/gst-plugins-good/gst/wavparse/gstwavparse.c @@ -789,6 +789,11 @@ gst_wavparse_cue_chunk (GstWavParse * wav, const guint8 * data, guint32 size) return TRUE; } + if (size < 4) { + GST_WARNING_OBJECT (wav, "broken file %d", size); + return FALSE; + } + ncues = GST_READ_UINT32_LE (data); if (size < 4 + ncues * 24) { -- 2.47.0