From 6cc92c0e2b4ee1bac9da56102850b4ea4d1faaaa Mon Sep 17 00:00:00 2001 From: Wim Taymans Date: Thu, 30 Apr 2026 18:38:32 +0200 Subject: [PATCH] security: add missing NULL checks and fix error handling in modules module-access: add NULL check after pw_properties_new for socket_access. module-pulse-tunnel: add NULL check after 4MB calloc for ring buffer. module-rt: add NULL check after calloc in thread create. module-rtp-session: add goto error after failed pw_net_parse_address instead of falling through. module-snapcast-discover: fix missing null-termination on network-received data before logging it as a string. Co-Authored-By: Claude Opus 4.7 --- src/modules/module-access.c | 4 ++++ src/modules/module-pulse-tunnel.c | 4 ++++ src/modules/module-rt.c | 2 ++ src/modules/module-rtp-session.c | 2 ++ src/modules/module-snapcast-discover.c | 3 ++- 5 files changed, 14 insertions(+), 1 deletion(-) diff --git a/src/modules/module-access.c b/src/modules/module-access.c index 26e64f749..83c2c98d5 100644 --- a/src/modules/module-access.c +++ b/src/modules/module-access.c @@ -389,6 +389,10 @@ int pipewire__module_init(struct pw_impl_module *module, const char *args_str) pw_context_conf_update_props(context, "module."NAME".args", args); impl->socket_access = pw_properties_new(NULL, NULL); + if (impl->socket_access == NULL) { + res = -errno; + goto error; + } if ((res = parse_args(impl, props, args)) < 0) goto error; diff --git a/src/modules/module-pulse-tunnel.c b/src/modules/module-pulse-tunnel.c index fe496fa33..f29163d47 100644 --- a/src/modules/module-pulse-tunnel.c +++ b/src/modules/module-pulse-tunnel.c @@ -1149,6 +1149,10 @@ int pipewire__module_init(struct pw_impl_module *module, const char *args) spa_ringbuffer_init(&impl->ring); impl->buffer = calloc(1, RINGBUFFER_SIZE); + if (impl->buffer == NULL) { + res = -errno; + goto error; + } spa_dll_init(&impl->dll); impl->rate_limit.interval = 2 * SPA_NSEC_PER_SEC; impl->rate_limit.burst = 1; diff --git a/src/modules/module-rt.c b/src/modules/module-rt.c index 703923deb..b1bc817e3 100644 --- a/src/modules/module-rt.c +++ b/src/modules/module-rt.c @@ -741,6 +741,8 @@ static struct spa_thread *impl_create(void *object, const struct spa_dict *props struct spa_thread *thread; this = calloc(1, sizeof(*this)); + if (this == NULL) + return NULL; this->impl = impl; this->start = start_routine; this->arg = arg; diff --git a/src/modules/module-rtp-session.c b/src/modules/module-rtp-session.c index a8ceb36d2..671fac2c4 100644 --- a/src/modules/module-rtp-session.c +++ b/src/modules/module-rtp-session.c @@ -1417,9 +1417,11 @@ static void on_zeroconf_added(void *data, const void *user, const struct spa_dic if ((res = pw_net_parse_address(address, port, &sess->ctrl_addr, &sess->ctrl_len)) < 0) { pw_log_error("invalid address %s: %s", address, spa_strerror(res)); + goto error; } if ((res = pw_net_parse_address(address, port+1, &sess->data_addr, &sess->data_len)) < 0) { pw_log_error("invalid address %s: %s", address, spa_strerror(res)); + goto error; } return; error: diff --git a/src/modules/module-snapcast-discover.c b/src/modules/module-snapcast-discover.c index 677725699..fe4be1097 100644 --- a/src/modules/module-snapcast-discover.c +++ b/src/modules/module-snapcast-discover.c @@ -351,7 +351,7 @@ static int process_input(struct tunnel *t) int res = 0; while (true) { - res = read(t->source->fd, buffer, sizeof(buffer)); + res = read(t->source->fd, buffer, sizeof(buffer) - 1); if (res == 0) return -EPIPE; if (res < 0) { @@ -362,6 +362,7 @@ static int process_input(struct tunnel *t) return res; break; } + buffer[res] = '\0'; } pw_log_info("received: %s", buffer);