security: fix issues in pulse module core files

- volume.c: add spa_pod_is_object check before casting param to
  spa_pod_object, preventing out-of-bounds reads on malformed pods
- manager.c: add NULL check for p->param in has_param before
  dereferencing via SPA_POD_SIZE
- snap-policy.c: check strings1[1] and strings2[1] for NULL before
  passing to g_str_equal, fixing wrong operand order
- format.c: use map->channels consistently in format_build_param

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
Wim Taymans 2026-04-30 17:02:03 +02:00
parent ef2541a1ef
commit 6ea673b68a
4 changed files with 9 additions and 4 deletions

View file

@ -32,6 +32,9 @@ int volume_parse_param(const struct spa_pod *param, struct volume_info *info, bo
struct spa_pod_object *obj = (struct spa_pod_object *) param;
struct spa_pod_prop *prop;
if (!spa_pod_is_object(param))
return -EINVAL;
SPA_POD_OBJECT_FOREACH(obj, prop) {
switch (prop->key) {
case SPA_PROP_volume: