Memory Safety: Medium
sprintf was used to format a /proc path without bounds checking.
While pid_t values are practically bounded, using snprintf with
sizeof(root_path) ensures the buffer cannot overflow regardless
of the input value, following defense-in-depth principles.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
We use the remote name as a suffix for the default server address and so
it should not contain any slashes. Take everything after the last slash
if there is one.
Always first use the env var and then check the properties. So that
PIPEWIRE_CORE=pipewire-1 PIPEWIRE_REMOTE=pipewire-1 make run runs
everything on pipewire-1 sockets regardless of the config files.
Also PIPEWIRE_NODE always needs to be taken into account first.
`getpwuid_r()` puts the strings pointed to from the returned
passwd struct into the specified buffer. Previously, that
buffer technically didn't live long enough to be usable
in the `snprintf()` call - although in practice this didn't
appear to be a problem. A particular version of GCC 11 generates
the same machine code for this function regardless whether
this patch is applied or not. Still, fix this by moving
the buffer to an outer scope.
