mirror of
https://gitlab.freedesktop.org/pipewire/pipewire.git
synced 2026-07-02 00:06:09 -04:00
security: fix issues in pulse module core files
- volume.c: add spa_pod_is_object check before casting param to spa_pod_object, preventing out-of-bounds reads on malformed pods - manager.c: add NULL check for p->param in has_param before dereferencing via SPA_POD_SIZE - snap-policy.c: check strings1[1] and strings2[1] for NULL before passing to g_str_equal, fixing wrong operand order - format.c: use map->channels consistently in format_build_param Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
parent
ef2541a1ef
commit
6ea673b68a
4 changed files with 9 additions and 4 deletions
|
|
@ -32,6 +32,9 @@ int volume_parse_param(const struct spa_pod *param, struct volume_info *info, bo
|
|||
struct spa_pod_object *obj = (struct spa_pod_object *) param;
|
||||
struct spa_pod_prop *prop;
|
||||
|
||||
if (!spa_pod_is_object(param))
|
||||
return -EINVAL;
|
||||
|
||||
SPA_POD_OBJECT_FOREACH(obj, prop) {
|
||||
switch (prop->key) {
|
||||
case SPA_PROP_volume:
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue