mirrors/pipewire
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/pipewire/pipewire.git synced 2026-05-04 06:46:24 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

spa: add spa_alloca that does overflow and limit checks

Browse source 
Make a function like alloca but with overflow checks and a max
allocation size.

Use this function where we can and also make sure that all alloca calls
are in some way limited.
This commit is contained in:
Wim Taymans 2026-04-27 10:53:44 +02:00
parent a9f1ad414e
commit ed2c0ad4ee
10 changed files with 84 additions and 51 deletions
Download patch file Download diff file Expand all files Collapse all files

7
src/modules/module-protocol-pulse/message.c
View file

@ -532,12 +532,13 @@ static void add_stream_group(struct message *m, struct spa_dict *dict, const cha
else
return;
write_string(m, key);
l = strlen(prefix) + strlen(id) + strlen(str) + 6; /* "-by-" , ":" and \0 */
if (l < 0 || l > 1024)
if (l < 0 || l > 4096)
return;
write_string(m, key);
b = alloca(l);
snprintf(b, l, "%s-by-%s:%s", prefix, id, str);
spa_scnprintf(b, l, "%s-by-%s:%s", prefix, id, str);
write_u32(m, l);
write_arbitrary(m, b, l);
}