Segfault in `gst_date_time_new_local_time()` with illegal date
If the gst_date_time_new_local_time
function is called with a date that is out of bounds but otherwise appears valid, such as 2020-02-31, gstreamer segfaults. This is caused by the naïve safety checks at the top of the function.
The crash presumably occurs at https://gitlab.freedesktop.org/gstreamer/gstreamer/-/blob/master/gst/gstdatetime.c#L571 when NULL is dereferenced.
You could say this causes denial of service.
Affected (that I know of):
- lollypop
- clementine
- strawberry
- epiphany (if an affected file is in a web page)
- midori (same)
Basically any player that tries to display date (perhaps from ID3 tags) using this function.
A solution would be to add a NULL check before the affected line.
References:
- https://gitlab.gnome.org/World/lollypop/issues/2252#note_746298
- https://bugs.archlinux.org/task/65918
Version:
- 1.16.2-1 on Arch Linux