matroskademux: use g_memdup2() as g_memdup() is deprecated

- ebml-read: add some sanity checks when going from 64-bit
  to 32-bit length
- matroska-ids: codec_data_size has been checked via
  gst_ebml_read_binary(), is existing allocation.
- matroska-demux: alloc size is from existing allocations

g_memdup() is deprecated since GLib 2.68 and we want to avoid
deprecation warnings with recent versions of GLib.

Also use gst_buffer_new_memdup() instead of _wrapped(g_memdup(),..).

Part-of: <https://gitlab.freedesktop.org/gstreamer/gst-plugins-good/-/merge_requests/993>

4 files changed, 34 insertions, 31 deletions

diff --git a/gst/matroska/ebml-read.c b/gst/matroska/ebml-read.c
index 004fa3a03..f66990b35 100644
--- a/gst/matroska/ebml-read.c
+++ b/gst/matroska/ebml-read.c
@@ -366,6 +366,19 @@ gst_ebml_read_bytes (GstEbmlRead * ebml, guint32 * id, const guint8 ** data,
   if (!gst_byte_reader_skip (gst_ebml_read_br (ebml), prefix))
     return GST_FLOW_ERROR;      /* FIXME: do proper error handling */
 
+  /* This shouldn't happen here with the elements read through this function */
+  if (length == GST_EBML_SIZE_UNKNOWN || length == G_MAXUINT64) {
+    GST_ERROR_OBJECT (ebml->el, "element 0x%x has undefined length!", *id);
+    return GST_FLOW_ERROR;
+  }
+
+  /* Sanity check since we're downcasting a 64-bit len to possibly 32-bit here */
+  if (length >= G_MAXUINT) {
+    GST_ERROR_OBJECT (ebml->el, "element 0x%x too large, "
+        "size %" G_GUINT64_FORMAT, *id, length);
+    return GST_FLOW_ERROR;
+  }
+
   *data = NULL;
   if (G_LIKELY (length > 0)) {
     if (!gst_byte_reader_get_data (gst_ebml_read_br (ebml), length, data))
@@ -663,7 +676,7 @@ gst_ebml_read_binary (GstEbmlRead * ebml,
     return ret;
 
   *length = size;
-  *binary = g_memdup (data, size);
+  *binary = g_memdup2 (data, size);
 
   return GST_FLOW_OK;
 }
diff --git a/gst/matroska/matroska-demux.c b/gst/matroska/matroska-demux.c
index 940f842d8..3a49b2f7d 100644
--- a/gst/matroska/matroska-demux.c
+++ b/gst/matroska/matroska-demux.c
@@ -3845,8 +3845,7 @@ gst_matroska_demux_add_mpeg_seq_header (GstElement * element,
 
     GST_DEBUG_OBJECT (element, "Prepending MPEG sequence header");
 
-    newbuf = gst_buffer_new_wrapped (g_memdup (seq_header, seq_header_len),
-        seq_header_len);
+    newbuf = gst_buffer_new_memdup (seq_header, seq_header_len);
 
     gst_buffer_copy_into (newbuf, *buf, GST_BUFFER_COPY_TIMESTAMPS |
         GST_BUFFER_COPY_FLAGS | GST_BUFFER_COPY_MEMORY, 0,
@@ -6386,9 +6385,7 @@ gst_matroska_demux_video_caps (GstMatroskaTrackVideoContext *
       if (size > sizeof (gst_riff_strf_vids)) { /* some extra_data */
         gsize offset = sizeof (gst_riff_strf_vids);
 
-        buf =
-            gst_buffer_new_wrapped (g_memdup ((guint8 *) vids + offset,
-                size - offset), size - offset);
+        buf = gst_buffer_new_memdup ((guint8 *) vids + offset, size - offset);
       }
 
       if (riff_fourcc)
@@ -6470,7 +6467,7 @@ gst_matroska_demux_video_caps (GstMatroskaTrackVideoContext *
     if (data) {
       GstBuffer *priv;
 
-      priv = gst_buffer_new_wrapped (g_memdup (data, size), size);
+      priv = gst_buffer_new_memdup (data, size);
       gst_caps_set_simple (caps, "codec_data", GST_TYPE_BUFFER, priv, NULL);
       gst_buffer_unref (priv);
 
@@ -6519,7 +6516,7 @@ gst_matroska_demux_video_caps (GstMatroskaTrackVideoContext *
       gst_codec_utils_h264_caps_set_level_and_profile (caps, data + 1,
           size - 1);
 
-      priv = gst_buffer_new_wrapped (g_memdup (data, size), size);
+      priv = gst_buffer_new_memdup (data, size);
       gst_caps_set_simple (caps, "codec_data", GST_TYPE_BUFFER, priv, NULL);
       gst_buffer_unref (priv);
 
@@ -6539,7 +6536,7 @@ gst_matroska_demux_video_caps (GstMatroskaTrackVideoContext *
       gst_codec_utils_h265_caps_set_level_tier_and_profile (caps, data + 1,
           size - 1);
 
-      priv = gst_buffer_new_wrapped (g_memdup (data, size), size);
+      priv = gst_buffer_new_memdup (data, size);
       gst_caps_set_simple (caps, "codec_data", GST_TYPE_BUFFER, priv, NULL);
       gst_buffer_unref (priv);
 
@@ -6578,9 +6575,7 @@ gst_matroska_demux_video_caps (GstMatroskaTrackVideoContext *
       subformat = GST_READ_UINT32_BE (data + 0x1a);
       rformat = GST_READ_UINT32_BE (data + 0x1e);
 
-      priv =
-          gst_buffer_new_wrapped (g_memdup (data + 0x1a, size - 0x1a),
-          size - 0x1a);
+      priv = gst_buffer_new_memdup (data + 0x1a, size - 0x1a);
       gst_caps_set_simple (caps, "codec_data", GST_TYPE_BUFFER, priv, "format",
           G_TYPE_INT, rformat, "subformat", G_TYPE_INT, subformat, NULL);
       gst_buffer_unref (priv);
@@ -6612,7 +6607,7 @@ gst_matroska_demux_video_caps (GstMatroskaTrackVideoContext *
     if (data) {
       GstBuffer *priv;
 
-      priv = gst_buffer_new_wrapped (g_memdup (data, size), size);
+      priv = gst_buffer_new_memdup (data, size);
       gst_caps_set_simple (caps, "codec_data", GST_TYPE_BUFFER, priv, NULL);
       gst_buffer_unref (priv);
     } else {
@@ -7012,8 +7007,7 @@ gst_matroska_demux_audio_caps (GstMatroskaTrackAudioContext *
       }
 
       tmp =
-          gst_buffer_new_wrapped (g_memdup (context->codec_priv,
-              context->codec_priv_size), context->codec_priv_size);
+          gst_buffer_new_memdup (context->codec_priv, context->codec_priv_size);
       caps = gst_codec_utils_opus_create_caps_from_header (tmp, NULL);
       gst_buffer_unref (tmp);
       *codec_name = g_strdup ("Opus");
@@ -7103,8 +7097,8 @@ gst_matroska_demux_audio_caps (GstMatroskaTrackAudioContext *
         if (freq_index == 15)
           explicit_freq_bytes = 3;
         GST_DEBUG ("obj_type = %u, freq_index = %u", obj_type, freq_index);
-        priv = gst_buffer_new_wrapped (g_memdup (context->codec_priv,
-                context->codec_priv_size), context->codec_priv_size);
+        priv = gst_buffer_new_memdup (context->codec_priv,
+            context->codec_priv_size);
         /* assume SBR if samplerate <= 24kHz */
         if (obj_type == 5 || (freq_index >= 6 && freq_index != 15) ||
             (context->codec_priv_size == (5 + explicit_freq_bytes))) {
@@ -7234,8 +7228,7 @@ gst_matroska_demux_audio_caps (GstMatroskaTrackAudioContext *
             G_TYPE_INT, leaf_size, "width", G_TYPE_INT, sample_width, NULL);
 
         if ((size - 78) >= extra_data_size) {
-          priv = gst_buffer_new_wrapped (g_memdup (data + 78, extra_data_size),
-              extra_data_size);
+          priv = gst_buffer_new_memdup (data + 78, extra_data_size);
           gst_caps_set_simple (caps, "codec_data", GST_TYPE_BUFFER, priv, NULL);
           gst_buffer_unref (priv);
         }
@@ -7337,7 +7330,7 @@ gst_matroska_demux_subtitle_caps (GstMatroskaTrackSubtitleContext *
   if (data != NULL && size > 0) {
     GstBuffer *buf;
 
-    buf = gst_buffer_new_wrapped (g_memdup (data, size), size);
+    buf = gst_buffer_new_memdup (data, size);
     gst_caps_set_simple (caps, "codec_data", GST_TYPE_BUFFER, buf, NULL);
     gst_buffer_unref (buf);
   }
diff --git a/gst/matroska/matroska-ids.c b/gst/matroska/matroska-ids.c
index 633171fa1..eca527922 100644
--- a/gst/matroska/matroska-ids.c
+++ b/gst/matroska/matroska-ids.c
@@ -189,7 +189,7 @@ gst_matroska_parse_xiph_stream_headers (gpointer codec_data,
     if (offset + length[i] > codec_data_size)
       goto error;
 
-    hdr = gst_buffer_new_wrapped (g_memdup (p + offset, length[i]), length[i]);
+    hdr = gst_buffer_new_memdup (p + offset, length[i]);
     gst_buffer_list_add (list, hdr);
 
     offset += length[i];
@@ -228,12 +228,11 @@ gst_matroska_parse_speex_stream_headers (gpointer codec_data,
 
   list = gst_buffer_list_new ();
 
-  hdr = gst_buffer_new_wrapped (g_memdup (pdata, 80), 80);
+  hdr = gst_buffer_new_memdup (pdata, 80);
   gst_buffer_list_add (list, hdr);
 
   if (codec_data_size > 80) {
-    hdr = gst_buffer_new_wrapped (g_memdup (pdata + 80, codec_data_size - 80),
-        codec_data_size - 80);
+    hdr = gst_buffer_new_memdup (pdata + 80, codec_data_size - 80);
     gst_buffer_list_add (list, hdr);
   }
 
@@ -262,9 +261,7 @@ gst_matroska_parse_opus_stream_headers (gpointer codec_data,
 
   list = gst_buffer_list_new ();
 
-  hdr =
-      gst_buffer_new_wrapped (g_memdup (pdata, codec_data_size),
-      codec_data_size);
+  hdr = gst_buffer_new_memdup (pdata, codec_data_size);
   gst_buffer_list_add (list, hdr);
 
   return list;
@@ -294,7 +291,7 @@ gst_matroska_parse_flac_stream_headers (gpointer codec_data,
 
   list = gst_buffer_list_new ();
 
-  hdr = gst_buffer_new_wrapped (g_memdup (pdata, 4), 4);
+  hdr = gst_buffer_new_memdup (pdata, 4);
   gst_buffer_list_add (list, hdr);
 
   /* skip fLaC marker */
@@ -312,7 +309,7 @@ gst_matroska_parse_flac_stream_headers (gpointer codec_data,
       return NULL;
     }
 
-    hdr = gst_buffer_new_wrapped (g_memdup (pdata + off, len + 4), len + 4);
+    hdr = gst_buffer_new_memdup (pdata + off, len + 4);
     gst_buffer_list_add (list, hdr);
 
     off += 4 + len;
diff --git a/gst/matroska/matroska-read-common.c b/gst/matroska/matroska-read-common.c
index 90d6e38e1..062044f64 100644
--- a/gst/matroska/matroska-read-common.c
+++ b/gst/matroska/matroska-read-common.c
@@ -797,7 +797,7 @@ gst_matroska_read_common_parse_attached_file (GstMatroskaReadCommon * common,
 
   DEBUG_ELEMENT_STOP (common, ebml, "AttachedFile", ret);
 
-  if (filename && mimetype && data && datalen > 0) {
+  if (filename && mimetype && data && datalen > 0 && datalen < G_MAXUINT) {
     GstTagImageType image_type = GST_TAG_IMAGE_TYPE_NONE;
     GstBuffer *tagbuffer = NULL;
     GstSample *tagsample = NULL;
@@ -843,7 +843,7 @@ gst_matroska_read_common_parse_attached_file (GstMatroskaReadCommon * common,
 
     /* if this failed create an attachment buffer */
     if (!tagbuffer) {
-      tagbuffer = gst_buffer_new_wrapped (g_memdup (data, datalen), datalen);
+      tagbuffer = gst_buffer_new_memdup (data, datalen);
 
       caps = gst_type_find_helper_for_buffer (NULL, tagbuffer, NULL);
       if (caps == NULL)