jcgruenhage/void-packages
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Merge pull request #5188 from Hoshpak/gstreamer-security-vmware

Browse source 
gst-plugins-bad: add fix-CESA-2016-0002.patch
This commit is contained in:
Jürgen Buchmüller 2016-11-18 09:53:43 +01:00 committed by GitHub
commit 44d2298009
2 changed files with 23 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

22
srcpkgs/gst-plugins-bad/patches/fix-CESA-2016-0002.patch Normal file
View file

@ -0,0 +1,22 @@
--- gst/vmnc/vmncdec.c
+++ gst/vmnc/vmncdec.c
@@ -370,7 +370,7 @@ vmnc_handle_wmvi_rectangle (GstVMncDec *
if (dec->imagedata)
g_free (dec->imagedata);
- dec->imagedata = g_malloc (dec->format.width * dec->format.height *
+ dec->imagedata = g_malloc0 (dec->format.width * dec->format.height *
dec->format.bytes_per_pixel);
GST_DEBUG_OBJECT (dec, "Allocated image data at %p", dec->imagedata);
@@ -901,6 +901,10 @@ vmnc_handle_packet (GstVMncDec * dec, co
GST_WARNING_OBJECT (dec, "Rectangle out of range, type %d", r.type);
return ERROR_INVALID;
}
+ } else if (r.width > 16384 || r.height > 16384) {
+ GST_WARNING_OBJECT (dec, "Width or height too high: %ux%u", r.width,
+ r.height);
+ return ERROR_INVALID;
}
switch (r.type) {

2
srcpkgs/gst-plugins-bad/template
View file

@ -1,7 +1,7 @@
# Template file for 'gst-plugins-bad'.
pkgname=gst-plugins-bad
version=0.10.23
revision=19
revision=20
lib32disabled=yes
build_style=gnu-configure
configure_args="--enable-experimental --disable-static --disable-nsf"