mirrors/pipewire
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/pipewire/pipewire.git synced 2026-04-07 08:21:11 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

only dlopen from the defined search paths

Browse source 
Don't accept absolute library paths and skip the ../ in paths to avoid
opening arbitrary libraries from unexpected places.
This commit is contained in:
Wim Taymans 2026-04-06 14:18:22 +02:00
parent ad0bab69a1
commit 8fd7982087
4 changed files with 51 additions and 50 deletions
Download patch file Download diff file Expand all files Collapse all files

51
spa/plugins/filter-graph/plugin_ladspa.c
View file

@ -236,40 +236,37 @@ static inline const char *split_walk(const char *str, const char *delimiter, siz
static int load_ladspa_plugin(struct plugin *impl, const char *path)
{
int res = -ENOENT;
const char *search_dirs, *p, *state = NULL;
char filename[PATH_MAX];
size_t len;
if (path[0] != '/') {
const char *search_dirs, *p, *state = NULL;
char filename[PATH_MAX];
size_t len;
while ((p = strstr(path, "../")) != NULL)
path = p + 3;
search_dirs = getenv("LADSPA_PATH");
if (!search_dirs)
search_dirs = "/usr/lib64/ladspa:/usr/lib/ladspa:" LIBDIR;
search_dirs = getenv("LADSPA_PATH");
if (!search_dirs)
search_dirs = "/usr/lib64/ladspa:/usr/lib/ladspa:" LIBDIR;
/*
* set the errno for the case when `ladspa_handle_load_by_path()`
* is never called, which can only happen if the supplied
* LADSPA_PATH contains too long paths
*/
res = -ENAMETOOLONG;
/*
* set the errno for the case when `ladspa_handle_load_by_path()`
* is never called, which can only happen if the supplied
* LADSPA_PATH contains too long paths
*/
res = -ENAMETOOLONG;
while ((p = split_walk(search_dirs, ":", &len, &state))) {
int namelen;
while ((p = split_walk(search_dirs, ":", &len, &state))) {
int namelen;
if (len >= sizeof(filename))
continue;
if (len >= sizeof(filename))
continue;
namelen = snprintf(filename, sizeof(filename), "%.*s/%s.so", (int) len, p, path);
if (namelen < 0 || (size_t) namelen >= sizeof(filename))
continue;
namelen = snprintf(filename, sizeof(filename), "%.*s/%s.so", (int) len, p, path);
if (namelen < 0 || (size_t) namelen >= sizeof(filename))
continue;
res = ladspa_handle_load_by_path(impl, filename);
if (res >= 0)
break;
}
}
else {
res = ladspa_handle_load_by_path(impl, path);
res = ladspa_handle_load_by_path(impl, filename);
if (res >= 0)
break;
}
return res;
}