From f9d8bdb9b852243408cb93af5da6110c93298106 Mon Sep 17 00:00:00 2001
From: Wim Taymans <wtaymans@redhat.com>
Date: Mon, 6 Sep 2021 13:57:39 +0200
Subject: [PATCH] spa: improve param result handling

Check if we actually managed to add the param to the builder before we
try to deref it.
Use a safer deref that checks the sizes of the pod and builder.
---
 spa/include/spa/monitor/utils.h | 5 +++--
 spa/include/spa/node/utils.h    | 5 +++--
 2 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/spa/include/spa/monitor/utils.h b/spa/include/spa/monitor/utils.h
index 0dd116fd1..7a3e7ced6 100644
--- a/spa/include/spa/monitor/utils.h
+++ b/spa/include/spa/monitor/utils.h
@@ -45,9 +45,10 @@ static inline void spa_result_func_device_params(void *data, int seq, int res,
 	const struct spa_result_device_params *r =
 		(const struct spa_result_device_params *)result;
 	uint32_t offset = d->builder->state.offset;
-	spa_pod_builder_raw_padded(d->builder, r->param, SPA_POD_SIZE(r->param));
+	if (spa_pod_builder_raw_padded(d->builder, r->param, SPA_POD_SIZE(r->param)) < 0)
+		return;
 	d->data.next = r->next;
-	d->data.param = SPA_PTROFF(d->builder->data, offset, struct spa_pod);
+	d->data.param = spa_pod_builder_deref(d->builder, offset);
 }
 
 static inline int spa_device_enum_params_sync(struct spa_device *device,
diff --git a/spa/include/spa/node/utils.h b/spa/include/spa/node/utils.h
index ec02d7b81..9503d8bbf 100644
--- a/spa/include/spa/node/utils.h
+++ b/spa/include/spa/node/utils.h
@@ -51,9 +51,10 @@ static inline void spa_result_func_node_params(void *data,
 	const struct spa_result_node_params *r =
 		(const struct spa_result_node_params *) result;
 	uint32_t offset = d->builder->state.offset;
-	spa_pod_builder_raw_padded(d->builder, r->param, SPA_POD_SIZE(r->param));
+	if (spa_pod_builder_raw_padded(d->builder, r->param, SPA_POD_SIZE(r->param)) < 0)
+		return;
 	d->data.next = r->next;
-	d->data.param = SPA_PTROFF(d->builder->data, offset, struct spa_pod);
+	d->data.param = spa_pod_builder_deref(d->builder, offset);
 }
 
 static inline int spa_node_enum_params_sync(struct spa_node *node,