mirrors/pipewire
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/pipewire/pipewire.git synced 2026-05-06 06:46:29 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
15330 commits 6 branches 159 tags 62 MiB
Commit graph

15330 commits

This branch
This branch
All branches
Author SHA1 Message Date
Wim Taymans
bceaf1a212 vulkan: handle mmap failure 2026-05-06 11:57:52 +02:00
Wim Taymans
59a5392850 vulkan: fix the open() flags 
The second argument are the flags, the mode is not needed for
RDONLY. Accidentally works because O_RDONLY is 0 but ignored the
O_CLOEXEC flags.
 2026-05-06 11:57:52 +02:00
Wim Taymans
364436dd31 rtp-sap: handle out-of-bound SAP packet read 
If the SAP packet contains the MIME type string but no SDP payload after it,
sdp would point past the null-terminated buffer. Check that we are
still inside the packet before parsing the SDP.
 2026-05-06 11:57:52 +02:00
Wim Taymans
d32a21c4ee rtp-sap: handle uninitialized avail 
When the ioctl fails, avail might be uninitialized. Check the ioctl
return value and handle invalid avail.
 2026-05-06 11:57:52 +02:00
Wim Taymans
c4a2f9b480 rtp-sap: also handle short reads 
Don't only handle -1 errors from read but also short reads that could
leave the buffer with uninitialized data.
 2026-05-06 11:57:52 +02:00
Wim Taymans
ca46444d13 netjack2: limit period_size to quantum_limit 
To avoid large periods that might not fit in the quantum.
 2026-05-06 11:57:52 +02:00
Wim Taymans
aa29fefbd2 vban: limit the stream_name 
The stream_name from the network is not 0 terminated so limit the
string to the max size.
 2026-05-06 11:57:52 +02:00
Wim Taymans
8907d0860b modules: loop_add_io with close=true owns the fd 
We should not close the fd when loop_add_io with close=true fails
because the fd is already closed.
 2026-05-06 11:57:51 +02:00
Barnabás Pőcze
eec372ba9d bluez5: require RegisterApplication() support 
The `{Un}Register{Endpoint,Player}()` functions of the `org.bluez.Media1`
interface were deprecated with the introduction of the `{Un}RegisterApplication()`
functions[0][1]. Fallback to the deprecated interfaces has been present for a
long time in pipewire, but those parts in their current form are prone to
use-after-free issues (#5096). Instead of fixing them, remove them as they
have been deprecated for a long time. The first version of bluez that supports
the new interfaces is 5.51, released on 2019-09-19 [2].

[0]: https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=65bd68b907a95b4748df6929383a833ecfb4b660
[1]: https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=01f8fc2997524d85817adb8176e542bac9d0cdfa
[2]: https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?h=5.51&id=6de4bdb957cdc85d89851420ab06ca8e226f8d4e
 2026-05-05 18:40:13 +02:00
Pauli Virtanen
31f0300c48 bluez5: fix wrong use of send_with_reply in HFP backends 
The pattern if (!send_with_reply(...)) leaks DBusPendingCall and is
UAF prone.

Replace these with proper tracking and cancellation of the pending
calls in HFP backends.
 2026-05-05 16:20:34 +00:00
Pauli Virtanen
81470db44f bluez5: lc3plus: add missing #include 2026-05-05 16:20:34 +00:00
Wim Taymans
620b18e9d8 zeroconf: check for NULL before doing strdup 
Reject zeroconf entries without name, type, domain or host_name.
 2026-05-05 18:17:42 +02:00
Wim Taymans
f57a2e9680 loop: add spa_goto_if_fail and use in loop_enter 
When we lock and enter the loop but it is not the right thread, unlock
it again after logging an error. Otherwise we might deadlock.
 2026-05-05 17:50:39 +02:00
Wim Taymans
593b5cf148 protocol-simple: close client_fd when client alloc fails 2026-05-05 17:19:06 +02:00
Wim Taymans
b9761926df netjack2: go to the right error label 
socket_failed is for when the socket fd failed, otherwise we need to do
cleanup.
 2026-05-05 17:14:02 +02:00
Wim Taymans
c2bf8c920e protocol-native: close fd and unset env in all cases 
If we find the fd valid, we must attempt to close it.
Also unset the env variable when we read and processed it, even if
there was an error.
 2026-05-05 17:09:12 +02:00
Wim Taymans
aa6fa6bdc3 modules: make sure we don't deref potential NULL 2026-05-05 16:39:27 +02:00
Wim Taymans
9124a09482 modules: handle allocation error of properties 2026-05-05 16:34:15 +02:00
Wim Taymans
f8a76d9f00 protocol-native: handle allocation failures 2026-05-05 16:26:25 +02:00
Wim Taymans
ea25c3f2b1 alsa-plugin: clean up the error handling 
Also catch property copy errors.
 2026-05-05 16:25:56 +02:00
Wim Taymans
6eac1efb20 jack: handle allocation errors better 2026-05-05 16:11:02 +02:00
Wim Taymans
01b2af13c7 pulse-server: handle strdup error 2026-05-05 14:54:43 +02:00
Wim Taymans
899051169e netjack2: handle property allocation failures 2026-05-05 14:51:43 +02:00
Wim Taymans
2ac7c81958 pipewire: handle allocation failures 
And make sure we don't leak things in the error paths.
 2026-05-05 14:44:39 +02:00
Wim Taymans
67e8da3390 modules: handle some allocation failures 2026-05-05 14:44:18 +02:00
Wim Taymans
3db8038652 modules: avoid useless props copy 
We can use the properties we passed to the node.
 2026-05-05 14:15:44 +02:00
Wim Taymans
c8b9b44d40 alsa: clean up the pitch element on errors 2026-05-05 14:15:13 +02:00
Wim Taymans
9946f5ec77 modules: handle some more allocation errors 2026-05-05 14:14:52 +02:00
Wim Taymans
379b4a8747 introspect: handle strdup failures 
Abort and clean up the dict copy when allocation fails.
 2026-05-05 13:50:39 +02:00
Wim Taymans
dd695ee5a7 modules: handle allocation errors gracefully 2026-05-05 13:10:21 +02:00
Wim Taymans
24f9b9a335 acp: handle channel map allocation errors 2026-05-05 13:09:41 +02:00
Wim Taymans
7bfc820ae8 filter-graph: handle allocation errors and do cleanup 
Make sure clean up everything on error.
 2026-05-05 12:53:10 +02:00
Wim Taymans
9972df2614 convert: use static string for convertname 
We only use it for debugging and checking if it's the default
converter.
 2026-05-05 12:51:55 +02:00
Wim Taymans
06ba2f792d bluez5: handle fd allocation errors 
For the timers, only set the data after we allocated the fd because this
is checked to free the fd again later.
 2026-05-05 11:37:18 +02:00
Wim Taymans
96594d6716 plugins: handle some fd allocation errors 2026-05-05 11:36:45 +02:00
Wim Taymans
09dda9e4e0 avb: clean up on allocation errors 2026-05-05 11:35:54 +02:00
Wim Taymans
3ef2b77915 pipewire: fix some allocation errors 
Also fix a string leak in the device error path.
 2026-05-05 11:08:52 +02:00
Barnabás Pőcze
ccfb61efa4 treewide: make more file descriptors cloexec 
Avoid file descriptor leakage into child processes by marking them `O_CLOEXEC`.
 2026-05-04 19:48:41 +02:00
Wim Taymans
8344117e7b avb: free the ringbuffer 2026-05-04 18:43:56 +02:00
Wim Taymans
f91b98a812 stream: check buffer_id in reuse_buffer 2026-05-04 18:42:52 +02:00
Alyssa Ross
49ce385c44
test: move SPA_NORETURN attributes to header 
Otherwise, when building with fortify-headers, I get an error because
the compiler doesn't know pwtest_ptr_notnull will not return if the
passed pointer is null, so it doesn't know the pointer subsequently
passed to memmove via pw_array_remove will be non-null.

	In file included from ../spa/include/spa/utils/defs.h:11,
	                 from ../spa/include/spa/utils/string.h:15,
	                 from ../test/pwtest.h:15,
	                 from ../test/test-array.c:7:
	In function ‘memmove’,
	    inlined from ‘array_test’ at ../test/test-array.c:66:2:
	/nix/store/9031y56lsf4mq177s68ql1axsf241r7j-fortify-headers-3.0.1/include/string.h:77:16: error: argument 1 is null but the corresponding size argument 3 value is [8, 18446744073709551615] [-Werror=nonnull]
	   77 |         return __orig_memmove(__d, __s, __n);
	      |                ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
	/nix/store/9031y56lsf4mq177s68ql1axsf241r7j-fortify-headers-3.0.1/include/string.h:77:16: warning: ‘__orig_memmove’ reading 8 or more bytes from a region of size 0 [-Wstringop-overread]
	In function ‘array_test’:
	cc1: note: source object is likely at address zero
	In file included from /nix/store/9031y56lsf4mq177s68ql1axsf241r7j-fortify-headers-3.0.1/include/stdlib.h:33,
	                 from ../spa/include/spa/utils/string.h:11:
	/nix/store/9031y56lsf4mq177s68ql1axsf241r7j-fortify-headers-3.0.1/include/string.h:69:1: note: in a call to function ‘__orig_memmove’ declared with attribute ‘access (read_only, 2, 3)’
	   69 | _FORTIFY_FN(memmove) void *memmove(void * _FORTIFY_POS0 __d,
	      | ^~~~~~~~~~~
 2026-05-04 17:51:58 +02:00
Wim Taymans
96ef2728b8 alsa-plugin: handle allocation errors 
Make sure we don't leak channel maps.
 2026-05-04 16:35:02 +02:00
Wim Taymans
c263a52ab7 audioconvert: reuse hist_mem as window scratch space 
Instead of allocating a potentially unsafe 1MB array on the stack to
store the window, reuse the hist_mem, which has more than enough space
as a scratch space for the window.
 2026-05-04 16:26:20 +02:00
Wim Taymans
057ae16504 bluez5: handle some allocation failures 2026-05-04 14:27:34 +02:00
Wim Taymans
6539c2bf8c fix some allocation failures 2026-05-04 14:18:31 +02:00
Wim Taymans
8cf1164eb6 midifile: reject midi files with invalid values 
>64 tracks will overflow the track array and a division of 0 will cause
a division by zero later.
 2026-05-04 14:13:09 +02:00
Wim Taymans
c4b198962c jack-tunnel: pass bytes to jack_to_midi 
When the buffer has n_samples, we have n_samples * sizeof(float) bytes
to fill with midi.
 2026-05-04 13:51:55 +02:00
Wim Taymans
bd8eab3ffb raop: handle allocation error and avoid crash later 2026-05-04 13:46:09 +02:00
Wim Taymans
782986baa1 filter-graph: guard against overflow of graph input/output 2026-05-04 13:42:14 +02:00
Wim Taymans
ed33b4d877 jack: dlclose on errors 2026-05-04 13:20:00 +02:00