mirrors/pipewire
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/pipewire/pipewire.git synced 2026-05-03 06:47:04 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

security: add missing NULL check after strndup in cmd.c

Browse source 
strndup can return NULL under OOM. The result was passed directly to
spa_json_begin_array which would dereference the NULL pointer.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
Wim Taymans 2026-04-29 18:21:16 +02:00
parent 8e7ca70352
commit c6faaff410
1 changed files with 2 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

2
src/modules/module-protocol-pulse/cmd.c
View file

@ -73,6 +73,8 @@ static int parse_cmd(void *user_data, const char *location,
int res = 0;
spa_autofree char *s = strndup(str, len);
if (s == NULL)
return -errno;
if (spa_json_begin_array(&it[0], s, len) < 0) {
pw_log_error("config file error: pulse.cmd is not an array");
return -EINVAL;