/ gst-plugins-bad Public mirrormirrored from git://anongit.freedesktop.org/gstreamer/gst-plugins-bad
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Browse the repository at this point in the history
vmncdec: Sanity-check width/height before using it
We will allocate a screen area of width*height*bpp bytes, however this calculation can easily overflow if too high width or height are given inside the stream. Nonetheless we would just assume that enough memory was allocated, try to fill it and overwrite as much memory as wanted. Also allocate the screen area filled with zeroes to ensure that we start with full-black and not any random (or not so random) data. https://scarybeastsecurity.blogspot.gr/2016/11/0day-poc-risky-design-decisions-in.html Ideally we should just remove this plugin in favour of the one in gst-libav, which generally seems to be of better code quality. https://bugzilla.gnome.org/show_bug.cgi?id=774533
- Loading branch information
Showing 1 changed file with 5 additions and 1 deletion.