mirrors/pipewire
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/pipewire/pipewire.git synced 2026-05-03 06:47:04 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

security: add per-client stream limit in PulseAudio protocol

Browse source 
There was no limit on the number of streams a single client could
create. Each stream allocates a 4MB ring buffer, allowing a malicious
client to exhaust server memory. Add a configurable pulse.max-streams
property (default 64) to limit streams per client.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
Wim Taymans 2026-04-29 16:28:05 +02:00
parent 80ec1f1d10
commit 37990b5e90
7 changed files with 18 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

1
src/modules/module-protocol-pulse/pulse-server.c
View file

@ -5605,6 +5605,7 @@ static void load_defaults(struct defs *def, struct pw_properties *props)
parse_format(props, "pulse.default.format", DEFAULT_FORMAT, &def->sample_spec);
parse_position(props, "pulse.default.position", DEFAULT_POSITION, &def->channel_map);
parse_uint32(props, "pulse.idle.timeout", DEFAULT_IDLE_TIMEOUT, &def->idle_timeout);
parse_uint32(props, "pulse.max-streams", SPA_STRINGIFY(MAX_STREAMS), &def->max_streams);
def->sample_spec.channels = def->channel_map.channels;
def->quantum_limit = 8192;
}