File: CVE-2024-47600.patch

package info (click to toggle)
gst-plugins-base1.0 1.22.0-3%2Bdeb12u5
  • links: PTS, VCS
  • area: main
  • in suites: bookworm
  • size: 23,968 kB
  • sloc: ansic: 379,461; cpp: 3,963; objc: 2,236; python: 294; sh: 66; makefile: 52
file content (24 lines) | stat: -rw-r--r-- 915 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
 
From 5b205225e2c6a19ddcace350fdc18a0edf87bcb5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
Date: Mon, 30 Sep 2024 18:19:30 +0300
Subject: [PATCH] discoverer: Don't print channel layout for more than 64
 channels

64+ channels are always unpositioned / unknown layout.

Thanks to Antonio Morales for finding and reporting the issue.

Fixes GHSL-2024-248
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3864

--- gst-plugins-base1.0-1.22.0.orig/tools/gst-discoverer.c
+++ gst-plugins-base1.0-1.22.0/tools/gst-discoverer.c
@@ -222,7 +222,7 @@ format_channel_mask (GstDiscovererAudioI
 
   channel_mask = gst_discoverer_audio_info_get_channel_mask (ainfo);
 
-  if (channel_mask != 0) {
+  if (channel_mask != 0 && channels <= 64) {
     gst_audio_channel_positions_from_mask (channels, channel_mask, position);
 
     for (i = 0; i < channels; i++) {