From 8d97fde57e9ff1344624c34076fe08d8b845dcb9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= Date: Mon, 30 Sep 2024 19:06:03 +0300 Subject: [PATCH 15/28] matroskademux: Skip over laces directly when postprocessing the frame fails Otherwise NULL buffers might be handled afterwards. Thanks to Antonio Morales for finding and reporting the issue. Fixes GHSL-2024-249 Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3865 Part-of: --- .../gst-plugins-good/gst/matroska/matroska-demux.c | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/subprojects/gst-plugins-good/gst/matroska/matroska-demux.c b/subprojects/gst-plugins-good/gst/matroska/matroska-demux.c index 98ed51e86a..e0a4405dce 100644 --- a/subprojects/gst-plugins-good/gst/matroska/matroska-demux.c +++ b/subprojects/gst-plugins-good/gst/matroska/matroska-demux.c @@ -4982,6 +4982,18 @@ gst_matroska_demux_parse_blockgroup_or_simpleblock (GstMatroskaDemux * demux, if (stream->postprocess_frame) { GST_LOG_OBJECT (demux, "running post process"); ret = stream->postprocess_frame (GST_ELEMENT (demux), stream, &sub); + if (ret != GST_FLOW_OK) { + gst_clear_buffer (&sub); + goto next_lace; + } + + if (sub == NULL) { + GST_WARNING_OBJECT (demux, + "Postprocessing buffer with timestamp %" GST_TIME_FORMAT + " for stream %d failed", GST_TIME_ARGS (buffer_timestamp), + stream_num); + goto next_lace; + } } /* At this point, we have a sub-buffer pointing at data within a larger -- 2.47.0