mirrors/pipewire
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/pipewire/pipewire.git synced 2025-11-01 22:58:50 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

modules: fix missing free/close and length checks

Browse source 
Fix some missing free and close.

Fix not checking length of received netjack data.
This commit is contained in:
Pauli Virtanen 2025-06-14 15:24:05 +03:00
parent baadda3b67
commit dc618d37c6
3 changed files with 13 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

2
src/modules/module-netjack2/peer.c
View file

@ -815,6 +815,8 @@ static int netjack2_recv_midi(struct netjack2_peer *peer, struct nj2_packet_head
if ((len = recv(peer->fd, buffer, packet_size, 0)) < 0) if ((len = recv(peer->fd, buffer, packet_size, 0)) < 0)
return -errno; return -errno;
if ((size_t)len < sizeof(*header))
return -EINVAL;
active_ports = peer->params.recv_midi_channels; active_ports = peer->params.recv_midi_channels;
if (active_ports == 0) if (active_ports == 0)

13
src/modules/module-protocol-simple.c
View file

@ -665,8 +665,9 @@ static int make_tcp_socket(struct server *server, const char *name, const char *
const char *ifaddress) const char *ifaddress)
{ {
struct sockaddr_storage addr; struct sockaddr_storage addr;
int res, fd, on; int res, on;
socklen_t len = 0; socklen_t len = 0;
spa_autoclose int fd = -1;
if ((res = pw_net_parse_address_port(name, ifaddress, DEFAULT_PORT, &addr, &len)) < 0) { if ((res = pw_net_parse_address_port(name, ifaddress, DEFAULT_PORT, &addr, &len)) < 0) {
pw_log_error("%p: can't parse address %s: %s", server, pw_log_error("%p: can't parse address %s: %s", server,
@ -693,26 +694,24 @@ static int make_tcp_socket(struct server *server, const char *name, const char *
if (bind(fd, (struct sockaddr *) &addr, len) < 0) { if (bind(fd, (struct sockaddr *) &addr, len) < 0) {
res = -errno; res = -errno;
pw_log_error("%p: bind() failed: %m", server); pw_log_error("%p: bind() failed: %m", server);
goto error_close; goto error;
} }
if (listen(fd, 5) < 0) { if (listen(fd, 5) < 0) {
res = -errno; res = -errno;
pw_log_error("%p: listen() failed: %m", server); pw_log_error("%p: listen() failed: %m", server);
goto error_close; goto error;
} }
if (getsockname(fd, (struct sockaddr *)&addr, &len) < 0) { if (getsockname(fd, (struct sockaddr *)&addr, &len) < 0) {
res = -errno; res = -errno;
pw_log_error("%p: getsockname() failed: %m", server); pw_log_error("%p: getsockname() failed: %m", server);
goto error_close; goto error;
} }
server->type = SERVER_TYPE_TCP; server->type = SERVER_TYPE_TCP;
server->addr = addr; server->addr = addr;
return fd; return spa_steal_fd(fd);
error_close:
close(fd);
error: error:
return res; return res;
} }

6
src/modules/module-rtp-sap.c
View file

@ -1478,6 +1478,8 @@ static int parse_sdp(struct impl *impl, char *sdp, struct sdp_info *info)
int count = 0, res = 0; int count = 0, res = 0;
size_t l; size_t l;
spa_zero(*info);
while (*s) { while (*s) {
if ((l = strcspn(s, "\r\n")) < 2) if ((l = strcspn(s, "\r\n")) < 2)
goto too_short; goto too_short;
@ -1523,12 +1525,15 @@ static int parse_sdp(struct impl *impl, char *sdp, struct sdp_info *info)
return 0; return 0;
too_short: too_short:
pw_log_warn("SDP: line starting with `%.6s...' too short", s); pw_log_warn("SDP: line starting with `%.6s...' too short", s);
clear_sdp_info(info);
return -EINVAL; return -EINVAL;
invalid_version: invalid_version:
pw_log_warn("SDP: invalid first version line `%*s'", (int)l, s); pw_log_warn("SDP: invalid first version line `%*s'", (int)l, s);
clear_sdp_info(info);
return -EINVAL; return -EINVAL;
error: error:
pw_log_warn("SDP: error: %s", spa_strerror(res)); pw_log_warn("SDP: error: %s", spa_strerror(res));
clear_sdp_info(info);
return res; return res;
} }
@ -1570,7 +1575,6 @@ static int parse_sap(struct impl *impl, void *data, size_t len)
pw_log_debug("got SAP: %s %s", mime, sdp); pw_log_debug("got SAP: %s %s", mime, sdp);
spa_zero(info);
if ((res = parse_sdp(impl, sdp, &info)) < 0) if ((res = parse_sdp(impl, sdp, &info)) < 0)
return res; return res;