From 0b43888433d1ce2c7130fef5fe83d93e03b4a4f6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= Date: Sun, 15 Jan 2017 18:42:34 +0100 Subject: riff-media: Don't recurse in for nested WAVEFORMATEX There was already a check for that, but it failed because subformat_guid[0] is a guint32 and that is then casted implicitely to a guint16 when recursing... just that we checked the uncasted value. This caused an infinite recursion and thus stack overflow. https://bugzilla.gnome.org/show_bug.cgi?id=777265 --- gst-libs/gst/riff/riff-media.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/gst-libs/gst/riff/riff-media.c b/gst-libs/gst/riff/riff-media.c index 87b82f9dd..3b6a48f5c 100644 --- a/gst-libs/gst/riff/riff-media.c +++ b/gst-libs/gst/riff/riff-media.c @@ -1709,7 +1709,8 @@ gst_riff_create_audio_caps (guint16 codec_id, caps = gst_caps_new_empty_simple ("audio/x-ac3"); if (codec_name) *codec_name = g_strdup ("wavext AC-3 SPDIF audio"); - } else if (subformat_guid[0] == GST_RIFF_WAVE_FORMAT_EXTENSIBLE) { + } else if ((subformat_guid[0] & 0xffff) == + GST_RIFF_WAVE_FORMAT_EXTENSIBLE) { GST_DEBUG ("WAVE_FORMAT_EXTENSIBLE nested"); } else { /* recurse where no special consideration has yet to be identified -- cgit v1.2.1