After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 639136 - [oggparse]code is not safe when using libogg fuctions
[oggparse]code is not safe when using libogg fuctions
Status: RESOLVED FIXED
Product: GStreamer
Classification: Platform
Component: gst-plugins-base
unspecified
Other Linux
: Normal normal
: 0.10.33
Assigned To: GStreamer Maintainers
GStreamer Maintainers
Depends on:
Blocks:
 
 
Reported: 2011-01-10 11:36 UTC by Yang Xichuan
Modified: 2011-01-24 18:40 UTC
See Also:
GNOME target: ---
GNOME version: ---

Attachments
make it safer (2.02 KB, patch)
2011-01-10 11:36 UTC, Yang Xichuan 		none Details | Review
patch (1.90 KB, patch)
2011-01-11 07:17 UTC, Yang Xichuan 		committed Details | Review

Description Yang Xichuan 2011-01-10 11:36:58 UTC 
Created attachment 177920 [details] [review]
make it safer

The fuction "gst_ogg_parse_submit_buffer"in file gstoggparse.c using the libogg fuctions:"ogg_sync_buffer, ogg_sync_wrote" to submit the given buffer to the ogg sync, but it didn't judge the return values. That's not safe. So I did this change form the fuction "gst_ogg_demux_submit_buffer" int file gstoggdemux.c
Here is the patch:
Comment 1 Yang Xichuan 2011-01-11 07:17:59 UTC 
Created attachment 178008 [details] [review]
patch

I change the codes, and I think this one could be better
Comment 2 Sebastian Dröge (slomo) 2011-01-11 17:22:37 UTC 
Thanks, I'll push this change after the next gst-plugins-base release.
Comment 3 Sebastian Dröge (slomo) 2011-01-24 18:40:26 UTC 
commit cb9607632f86a28ee7fe649efd279ca07edf4844
Author: Yang Xichuan <xichuan.yang@tieto.com>
Date:   Tue Jan 11 15:10:42 2011 +0800

    oggparse: Make gst_ogg_parse_submit_buffer() safe
    
    By not passing zero-sized buffers to ogg_sync_buffer()
    and checking the return values of libogg functions.
    
    Fixes bug #639136.