After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 673436 - mpegvideoparser: fix check for too small buffer
mpegvideoparser: fix check for too small buffer
Status: RESOLVED FIXED
Product: GStreamer
Classification: Platform
Component: gst-plugins-bad
git master
Other Linux
: Normal normal
: 0.10.24
Assigned To: GStreamer Maintainers
GStreamer Maintainers
Depends on:
Blocks:
 
 
Reported: 2012-04-03 14:10 UTC by Alban Browaeys
Modified: 2012-05-21 13:32 UTC
See Also:
GNOME target: ---
GNOME version: ---

Attachments
mpegvideoparser: fix check for too small buffer (1.88 KB, patch)
2012-04-03 14:10 UTC, Alban Browaeys 		none Details | Review

Description Alban Browaeys 2012-04-03 14:10:44 UTC 
Created attachment 211225 [details] [review]
mpegvideoparser: fix check for too small buffer

The check is against size which is removed the offset.
It fails if the result is 0 or negative. Though as size is
unsigned instead of becoming negative it wraps.

Use an intermediate signed variable to fix the check.
Comment 1 Mark Nauwelaerts 2012-05-21 13:32:38 UTC 
Thanks.  Avoided an additional variable by slightly alternative fix.

[0.10]
commit b69c7c3c69a6e5610e68c3b7aae3101b53b5edb0
Author: Mark Nauwelaerts <mark.nauwelaerts@collabora.co.uk>
Date:   Mon May 21 15:24:25 2012 +0200

    codecparsers: mpegvideoparser: fix buffer size check
    
    ... to mind unsigned integer wrap
    
    Based on patch by Alban Browaeys <prahal@yahoo.com>
    
    Fixes https://bugzilla.gnome.org/show_bug.cgi?id=673436

[0.11]
commit e560ce0909693994e9b7e794f9904805c052ebcd
Author: Mark Nauwelaerts <mark.nauwelaerts@collabora.co.uk>
Date:   Mon May 21 15:24:25 2012 +0200

    codecparsers: mpegvideoparser: fix buffer size check
    
    ... to mind unsigned integer wrap
    
    Based on patch by Alban Browaeys <prahal@yahoo.com>
    
    Fixes https://bugzilla.gnome.org/show_bug.cgi?id=673436