wavparse: Fix various (missing) size checks and other parsing problems
commit 0340413dcfbe4d9f2baec984c986ce4b7ef7088b
Author: Sebastian Dröge <sebastian@centricular.com>
Date: Fri Oct 4 13:51:00 2024 +0300
wavparse: Check size before reading ds64 chunk
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-261
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3889
commit adc916957ca6aa3bf887b40e997bd6099f76dd4b
Author: Sebastian Dröge <sebastian@centricular.com>
Date: Fri Oct 4 13:27:27 2024 +0300
wavparse: Fix clipping of size to the file size
The size does not include the 8 bytes tag and length, so an additional 8 bytes
must be removed here. 8 bytes are always available at this point because
otherwise the parsing of the tag and length right above would've failed.
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-260
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3888
commit 932609733d0f31e398cb9dca907693bb4951ee80
Author: Sebastian Dröge <sebastian@centricular.com>
Date: Fri Oct 4 13:22:02 2024 +0300
wavparse: Check that at least 32 bytes are available before parsing smpl chunks
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-259
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3887
commit 6a7cfb4db0d49960126003bf3fda91059ccaa52c
Author: Sebastian Dröge <sebastian@centricular.com>
Date: Fri Oct 4 13:21:44 2024 +0300
wavparse: Check that at least 4 bytes are available before parsing cue chunks
commit 27cdfc3b909d617e46678c0f623d6562c60bd18f
Author: Sebastian Dröge <sebastian@centricular.com>
Date: Fri Oct 4 13:15:27 2024 +0300
wavparse: Fix parsing of acid chunk
Simply casting the bytes to a struct can lead to crashes because of unaligned
reads, and is also missing the endianness swapping that is necessary on big
endian architectures.
commit aa744e79a1a35d966379b2b7774306abba5ef5f7
Author: Sebastian Dröge <sebastian@centricular.com>
Date: Fri Oct 4 13:09:43 2024 +0300
wavparse: Make sure enough data for the tag list tag is available before parsing
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-258
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3886
commit fc0576f75b1b94038c8fb0cae09f92c29c0a46dc
Author: Sebastian Dröge <sebastian@centricular.com>
Date: Fri Oct 4 13:00:57 2024 +0300
wavparse: Check for short reads when parsing headers in pull mode
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-258, GHSL-2024-260
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3886
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3888