reinit the tree, so we can have metadata

1 files changed, 46 insertions, 0 deletions

diff --git a/media-libs/gst-plugins-ugly/files/1.10.3-CVE-2017-5847.patch b/media-libs/gst-plugins-ugly/files/1.10.3-CVE-2017-5847.patch
new file mode 100644
index 000000000000..078b8c087198
--- /dev/null
+++ b/media-libs/gst-plugins-ugly/files/1.10.3-CVE-2017-5847.patch
@@ -0,0 +1,46 @@
+From fe74dabd2c8dc2be54156729986ea38582e8c7ae Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
+Date: Tue, 31 Jan 2017 13:50:21 +0200
+Subject: [PATCH] asfdemux: Check that we have enough data available before
+ parsing bool/uint extended content descriptors
+
+https://bugzilla.gnome.org/show_bug.cgi?id=777955
+---
+ gst/asfdemux/gstasfdemux.c | 14 ++++++++++++--
+ 1 file changed, 12 insertions(+), 2 deletions(-)
+
+diff --git a/gst/asfdemux/gstasfdemux.c b/gst/asfdemux/gstasfdemux.c
+index 255a427..b8d48ad 100644
+--- a/gst/asfdemux/gstasfdemux.c
++++ b/gst/asfdemux/gstasfdemux.c
+@@ -3439,7 +3439,12 @@ gst_asf_demux_process_ext_content_desc (GstASFDemux * demux, guint8 * data,
+           break;
+         }
+         case ASF_DEMUX_DATA_TYPE_DWORD:{
+-          guint uint_val = GST_READ_UINT32_LE (value);
++          guint uint_val;
++
++          if (value_len < 4)
++            break;
++
++          uint_val = GST_READ_UINT32_LE (value);
+ 
+           /* this is the track number */
+           g_value_init (&tag_value, G_TYPE_UINT);
+@@ -3453,7 +3458,12 @@ gst_asf_demux_process_ext_content_desc (GstASFDemux * demux, guint8 * data,
+         }
+           /* Detect 3D */
+         case ASF_DEMUX_DATA_TYPE_BOOL:{
+-          gboolean bool_val = GST_READ_UINT32_LE (value);
++          gboolean bool_val;
++
++          if (value_len < 4)
++            break;
++
++          bool_val = GST_READ_UINT32_LE (value);
+ 
+           if (strncmp ("Stereoscopic", name_utf8, strlen (name_utf8)) == 0) {
+             if (bool_val) {
+-- 
+2.10.1
+