mirrors/pipewire
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/pipewire/pipewire.git synced 2025-11-03 09:01:54 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

modules: clamp input offset and size

Browse source 
So that we don't cause memory errors with invalid input.
This commit is contained in:
Wim Taymans 2022-06-04 11:47:48 +02:00
parent 24ba3f4d92
commit 0f839c7b61
10 changed files with 96 additions and 61 deletions
Download patch file Download diff file Expand all files Collapse all files

8
src/modules/module-raop-sink.c
View file

@ -430,7 +430,7 @@ static void playback_stream_process(void *d)
struct pw_buffer *buf;
struct spa_data *bd;
uint8_t *data;
uint32_t size;
uint32_t offs, size;
if ((buf = pw_stream_dequeue_buffer(impl->stream)) == NULL) {
pw_log_debug("out of buffers: %m");
@ -438,8 +438,10 @@ static void playback_stream_process(void *d)
}
bd = &buf->buffer->datas[0];
data = SPA_PTROFF(bd->data, bd->chunk->offset, uint8_t);
size = bd->chunk->size;
offs = SPA_MIN(bd->chunk->offset, bd->maxsize);
size = SPA_MIN(bd->chunk->size, bd->maxsize - offs);
data = SPA_PTROFF(bd->data, offs, uint8_t);
while (size > 0 && impl->block_size > 0) {
uint32_t avail, to_fill;