-
The old code had a couple of issues that all lead to potential memory safety bugs. - Use a constant for the Wavpack4Header size instead of using sizeof. It's written out into the data and not from the struct and who knows what special alignment/padding requirements some C compilers have. - gst_buffer_set_size() does not realloc the buffer when setting a bigger size than allocated, it only allows growing up to the maximum allocated size. Instead use a GstAdapter to collect all the blocks and take out everything at once in the end. - Check that enough data is actually available in the input and otherwise handle it an error in all cases instead of silently ignoring it. Among other things this fixes out of bounds writes because the code assumed gst_buffer_set_size() can grow the buffer and simply wrote after the end of the buffer. Thanks to Natalie Silvanovich for reporting. Fixes #859 Part-of: <!903>91811915
