oss-sec mailing list archives
Multiple memory access issues in gstreamer
From: Hanno Böck <hanno () hboeck de>
Date: Wed, 1 Feb 2017 11:56:16 +0100
Hi, https://gstreamer.freedesktop.org/releases/1.10/#1.10.3 gstreamer 1.10.3 got released, from the release notes: "Various fixes for crashes, assertions, deadlocks and memory leaks on fuzzed input files and in other situations" Here they are (at least the ones I reported): https://bugzilla.gnome.org/show_bug.cgi?id=775450 gst-plugins-good/aacparse: invalid memory read in gst_aac_parse_sink_setcaps https://bugzilla.gnome.org/show_bug.cgi?id=775451 gst-plugins-good/qtdemux: out of bounds read in qtdemux_tag_add_str_full https://bugzilla.gnome.org/show_bug.cgi?id=777262 gst-plugins-base/riff-media: floating point exception in gst_riff_create_audio_caps https://bugzilla.gnome.org/show_bug.cgi?id=777263 gstreamer core/datetime: out of bounds read in gst_date_time_new_from_iso8601_string() https://bugzilla.gnome.org/show_bug.cgi?id=777265 gst-plugins-base/riff: stack overflow in gst_riff_create_audio_caps https://bugzilla.gnome.org/show_bug.cgi?id=777469 gst-plugins-good/qtdemux: out of bounds heap read in qtdemux_parse_samples https://bugzilla.gnome.org/show_bug.cgi?id=777500 gst-plugins-good/avidemux: gst_avi_demux_parse_ncdt heap out of bounds read https://bugzilla.gnome.org/show_bug.cgi?id=777502 gst-plugins-base/samiparse: heap oob in html_context_handle_element https://bugzilla.gnome.org/show_bug.cgi?id=777503 gst-plugins-bad/mxfdemux: use after free in gst_mini_object_unref / gst_tag_list_unref / gst_mxf_demux_update_essence_tracks https://bugzilla.gnome.org/show_bug.cgi?id=777525 gst-plugins-base: floating point exception in gst_riff_create_audio_caps (different than #777262) https://bugzilla.gnome.org/show_bug.cgi?id=777532 gst-plugins-good/avidemux: invalid memory read in gst_avi_demux_parse_ncdt https://bugzilla.gnome.org/show_bug.cgi?id=777937 gst-plugins-ugly/asfdemux: invalid memory read in gst_asf_demux_process_ext_stream_props() And more that didn't make it into 1.10.3: https://bugzilla.gnome.org/show_bug.cgi?id=777955 gst-plugins-ugly/asfdemux: out of bounds read in gst_asf_demux_process_ext_content_desc https://bugzilla.gnome.org/show_bug.cgi?id=777957 gst-plugins-bad/mpegdemux: Invalid memory read in gst_ps_demux_parse_psm (example files are always attached or linked in the bug reports) I also reported multiple other issues like memory leaks or hangs which I consider have no security relevance. -- Hanno Böck https://hboeck.de/ mail/jabber: hanno () hboeck de GPG: FE73757FA60E4E21B937579FA5880072BBB51E42
Current thread:
- Multiple memory access issues in gstreamer Hanno Böck (Feb 01)
- Re: Multiple memory access issues in gstreamer cve-assign (Feb 01)