SPA POD parser: fix several integer overflows

This fixes several integer overflow problems in the POD parser, as well
as fixing a returns-twice warning from GCC and integer truncation
problems in SPA_FLAG_CLEAR and SPA_ROUND_DOWN_N.  The integer overflows
can result in a tiny POD being treated as a huge one, causing
out-of-bounds reads.
Demi Marie Obenour 2022-07-30 13:10:19 -04:00 committed by Wim Taymans
parent 0e4df09e53
commit 1e848fc299
7 changed files with 59 additions and 16 deletions

@ -119,7 +119,7 @@ struct spa_system_methods {
#define spa_system_method_r(o,method,version,...) \
({ \
int _res = -ENOTSUP; \
volatile int _res = -ENOTSUP; \
struct spa_system *_o = o; \
spa_interface_call_res(&_o->iface, \
struct spa_system_methods, _res, \
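
Review bot: the `volatile` qualifier on `_res` in `spa_system_method_r` has no comment saying why it is there, so a later cleanup could drop it and bring back the GCC returns-twice warning the commit message mentions. Add a one-line comment above `volatile int _res = -ENOTSUP;` naming that warning. This macro change is also unrelated to the POD parser overflows in the subject line, so it would be easier to review and backport as a separate commit.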