security: fix unbounded sprintf in check_flatpak

Memory Safety: Medium

sprintf was used to format a /proc path without bounds checking.
While pid_t values are practically bounded, using snprintf with
sizeof(root_path) ensures the buffer cannot overflow regardless
of the input value, following defense-in-depth principles.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Wim Taymans 2026-04-23 14:38:14 +02:00
parent 2707269118
commit 6353eb526d


@ -82,7 +82,7 @@ int check_flatpak(struct client *client, pid_t pid)
int root_fd, info_fd, res; int root_fd, info_fd, res;
struct stat stat_buf; struct stat stat_buf;
sprintf(root_path, "/proc/%ld/root", (long) pid); snprintf(root_path, sizeof(root_path), "/proc/%ld/root", (long) pid);
root_fd = openat(AT_FDCWD, root_path, O_RDONLY | O_NONBLOCK | O_DIRECTORY | O_CLOEXEC | O_NOCTTY); root_fd = openat(AT_FDCWD, root_path, O_RDONLY | O_NONBLOCK | O_DIRECTORY | O_CLOEXEC | O_NOCTTY);
if (root_fd == -1) { if (root_fd == -1) {
res = -errno; res = -errno;
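Review bot: the return value of the new snprintf call is not checked, so if the formatted path ever exceeded the buffer the write would be silently truncated instead of overflowing, and openat would then be called on a shortened path rather than failing. The declaration of root_path sits outside this hunk, so its size cannot be confirmed from the visible lines; consider `int n = snprintf(root_path, sizeof(root_path), "/proc/%ld/root", (long) pid);` followed by `if (n < 0 || (size_t) n >= sizeof(root_path)) return -ENAMETOOLONG;` so that truncation surfaces as an error in the same `res = -errno` style the function already uses. With the pid formatted as a long the path stays under 32 bytes, so this is cheap insurance consistent with the defense-in-depth intent stated in the commit message rather than a live defect.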