Skip to content

Backport of "oggstream: fix invalid ogg_packet->packet accesses, address invalid writes CVE" into 1.24

Backport of !8038 (merged) "oggstream: fix invalid ogg_packet->packet accesses, address invalid writes CVE".

Commits:

  • 1d217db7 vorbis_parse: check writes to GstOggStream.vorbis_mode_sizes
  • 4129a992 oggstream: review and fix per-format min_packet_size

Merge request reports

Loading