mirrors/pipewire
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/pipewire/pipewire.git synced 2025-10-31 22:25:38 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

builder: make deref safer

Browse source 
Don't try to deref objects that did not fit into the memory.
Deref now returns the object
This commit is contained in:
Wim Taymans 2017-11-13 11:50:50 +01:00
parent 101d2af1be
commit 737b428077
8 changed files with 32 additions and 26 deletions
Download patch file Download diff file Expand all files Collapse all files

28
spa/include/spa/pod/builder.h
View file

@ -67,10 +67,16 @@ static inline void spa_pod_builder_init(struct spa_pod_builder *builder, void *d
static inline void *
spa_pod_builder_deref(struct spa_pod_builder *builder, uint32_t ref)
{
if (builder->deref)
if (ref == -1)
return NULL;
else if (builder->deref)
return builder->deref(builder, ref);
else
return SPA_MEMBER(builder->data, ref, void);
else if (ref + 8 <= builder->size) {
struct spa_pod *pod = SPA_MEMBER(builder->data, ref, struct spa_pod);
if (SPA_POD_SIZE(pod) <= builder->size)
return pod;
}
return NULL;
}
static inline uint32_t
@ -126,25 +132,23 @@ spa_pod_builder_raw_padded(struct spa_pod_builder *builder, const void *data, ui
return ref;
}
static inline uint32_t spa_pod_builder_pop(struct spa_pod_builder *builder)
static inline void *spa_pod_builder_pop(struct spa_pod_builder *builder)
{
struct spa_pod_frame *frame = &builder->frame[--builder->depth], *top;
struct spa_pod_frame *frame, *top;
struct spa_pod *pod;
if (frame->ref != -1) {
struct spa_pod *pod = spa_pod_builder_deref(builder, frame->ref);
frame = &builder->frame[--builder->depth];
if ((pod = spa_pod_builder_deref(builder, frame->ref)) != NULL)
*pod = frame->pod;
}
top = builder->depth > 0 ? &builder->frame[builder->depth-1] : NULL;
builder->in_array = (top && (top->pod.type == SPA_POD_TYPE_ARRAY ||
top->pod.type == SPA_POD_TYPE_PROP));
spa_pod_builder_pad(builder, builder->offset);
return frame->ref;
return pod;
}
#define spa_pod_builder_pop_deref(b) \
spa_pod_builder_deref((b), spa_pod_builder_pop(b))
static inline uint32_t
spa_pod_builder_primitive(struct spa_pod_builder *builder, const struct spa_pod *p)
{

2
spa/plugins/alsa/alsa-utils.c
View file

@ -189,7 +189,7 @@ spa_alsa_enum_format(struct state *state, uint32_t *index,
}
spa_pod_builder_pop(&b);
fmt = spa_pod_builder_pop_deref(&b);
fmt = spa_pod_builder_pop(&b);
(*index)++;

2
spa/plugins/v4l2/v4l2-source.c
View file

@ -503,7 +503,7 @@ static int port_get_format(struct spa_node *node,
} else
return -EIO;
*param = spa_pod_builder_pop_deref(builder);
*param = spa_pod_builder_pop(builder);
return 1;
}

2
spa/tests/test-props.c
View file

@ -315,7 +315,7 @@ int main(int argc, char *argv[])
spa_pod_builder_raw(&b, rate_min_max, sizeof(rate_min_max));
spa_pod_builder_pop(&b);
fmt = spa_pod_builder_pop_deref(&b);
fmt = spa_pod_builder_pop(&b);
spa_debug_pod(&fmt->pod, 0);

2
spa/tests/test-props2.c
View file

@ -84,7 +84,7 @@ int main(int argc, char *argv[])
spa_pod_builder_pop(&b);
spa_pod_builder_pop(&b);
spa_pod_builder_pop(&b);
obj = spa_pod_builder_pop_deref(&b);
obj = spa_pod_builder_pop(&b);
spa_debug_pod(obj, 0);