mirrors/pipewire
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/pipewire/pipewire.git synced 2025-11-02 09:01:50 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

filter: return error if id cannot be dereferenced

Browse source 
If an ID cannot be de-referenced, e.g., because the builder buffer is
too small, spa_pod_filter() still reports success, but the result is
NULL. Any subsequent access to result will cause a segfault.

Return an error if no pod is found to properly propagate and handle the
error.

The segfault can be reproduced by using the v4l2 module with Vivid
devices [0], because the buffer for the v4l2 controls is too small.

[0] https://github.com/PipeWire/pipewire/issues/138
This commit is contained in:
Michael Tretter 2019-06-28 14:00:36 +02:00 committed by Wim Taymans
parent 5fa7630934
commit 94ffe88b65
1 changed files with 2 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

2
spa/include/spa/pod/filter.h
View file

@ -359,6 +359,8 @@ spa_pod_filter(struct spa_pod_builder *b,
if (filter == NULL) {
spa_pod_builder_raw_padded(b, pod, SPA_POD_SIZE(pod));
*result = (struct spa_pod*)b->data;
if (!*result)
return -EINVAL;
return 0;
}