Commit graph

  • c8f2edd94e module-avb: check ioctl for success Nils Tonnaett 2026-01-16 20:45:32 -08:00
  • 07533eb590 module-avb: check that PTP management response is complete Nils Tonnaett 2026-01-16 20:35:14 -08:00
  • 6c43bdfa85 module-avb: htobe16/be16toh to htons/ntohs Nils Tonnaett 2026-01-16 18:00:33 -08:00
  • 16189ae167 module-avb: add specs comments for PTP management message format Nils Tonnaett 2026-01-14 22:25:14 -08:00
  • fc6f2e33e2 module-avb: close ptp_fd when destroyed Nils Tonnaett 2026-01-14 22:23:47 -08:00
  • f752653814 module-avb: free gptp->ptp_mgmt_socket_path Nils Tonnaett 2026-01-13 18:14:07 -08:00
  • 54a9495715 module-avb: check ptp management socket periodically Nils Tonnaett 2026-01-13 17:40:13 -08:00
  • 4bc365cbb5 module-avb: add avb interface descriptor defines Nils Tonnaett 2025-11-18 13:20:17 -08:00
  • f29d7875cf connection: reject too large messages Wim Taymans 2026-05-01 13:04:02 +02:00
  • ceb80723a9 modules: unset buffer and size after alloc failure Wim Taymans 2026-05-01 13:02:00 +02:00
  • a4fb06073c modules: protect against invalid input and 0 division Wim Taymans 2026-05-01 12:42:53 +02:00
  • 6f6b58785e modules: handle allocation errors Wim Taymans 2026-05-01 12:29:54 +02:00
  • a55546c9df filter-chain: limit the number of graph in/out Wim Taymans 2026-05-01 11:49:15 +02:00
  • 6cc92c0e2b security: add missing NULL checks and fix error handling in modules Wim Taymans 2026-04-30 18:38:32 +02:00
  • 47ca937905 fix capture rate assignment using logical NOT instead of copy Wim Taymans 2026-04-30 18:38:26 +02:00
  • 4b64b81d21 security: fix crash and overflow bugs in network-facing modules Wim Taymans 2026-04-30 18:38:19 +02:00
  • c551408ec2 security: reject path traversal in echo-cancel aec_method parameter Wim Taymans 2026-04-30 17:44:28 +02:00
  • 5d0e806bdb security: limit blocklist regex length in switch-on-connect module Wim Taymans 2026-04-30 17:40:25 +02:00
  • dac6b4f2c5 security: clamp negative max-clients config to zero in pulse server Wim Taymans 2026-04-30 17:28:02 +02:00
  • c38a32e2e1 security: fix NULL pointer dereference in LADSPA sink/source modules Wim Taymans 2026-04-30 17:24:52 +02:00
  • 99a89f8bd4 security: fix stack overflow via strndupa on long device names Wim Taymans 2026-04-30 17:18:06 +02:00
  • 6ea673b68a security: fix issues in pulse module core files Wim Taymans 2026-04-30 17:02:03 +02:00
  • ef2541a1ef security: fix multiple issues in pulse module implementations Wim Taymans 2026-04-30 16:50:30 +02:00
  • 8e596bd85f impl-link: handle copy errors Wim Taymans 2026-04-30 16:41:43 +02:00
  • dfc5fd86a7 pulse: only fixate when necessary Wim Taymans 2026-04-30 16:27:15 +02:00
  • b7aae374bf pulse-server: keep allocate buffer size around Wim Taymans 2026-04-30 15:18:56 +02:00
  • 32648b7cc7 pulse: handle wraparound near the end correctly Wim Taymans 2026-04-30 14:14:59 +02:00
  • b9b93f3cdb pulse: use json builder for message handler output Wim Taymans 2026-04-30 13:53:20 +02:00
  • 96c3ada6f2 JSON: use the json builder instead of memstream and fprintf Wim Taymans 2026-04-30 13:23:23 +02:00
  • 4ddedc72cd security: add missing NULL checks after reply_new in stream creation Wim Taymans 2026-04-30 10:23:07 +02:00
  • f29a4e6e14 pulse-server: fix loading of defaults Wim Taymans 2026-04-30 10:11:38 +02:00
  • 57c621e654 server: use the right client_fd Wim Taymans 2026-04-30 10:00:53 +02:00
  • 4a34da368e security: fix potential buffer over-read in combine-sink name encoding Wim Taymans 2026-04-30 09:27:37 +02:00
  • 912f7f5c64 security: add missing NULL check after pw_properties_new in zeroconf Wim Taymans 2026-04-30 09:25:19 +02:00
  • e1f4c441f4 security: fix OOB read in IEC958 format enum parsing Wim Taymans 2026-04-30 09:19:41 +02:00
  • 390874e7c3 security: fix JSON injection in simple-protocol-tcp address Wim Taymans 2026-04-30 09:15:36 +02:00
  • 0ae17566f2 security: reject unknown tags in message_get to prevent va_arg desync Wim Taymans 2026-04-30 09:14:08 +02:00
  • d4a1278018 security: add missing create_tag checks in stream command handlers Wim Taymans 2026-04-29 18:26:01 +02:00
  • 6d2600c09d security: fix one-byte OOB read in module_args_add_props Wim Taymans 2026-04-29 18:24:13 +02:00
  • c6faaff410 security: add missing NULL check after strndup in cmd.c Wim Taymans 2026-04-29 18:21:16 +02:00
  • 8e7ca70352 security: add missing create_tag check in update_stream_sample_rate Wim Taymans 2026-04-29 18:20:04 +02:00
  • 890c06117a security: fix integer overflow in port latency offset conversion Wim Taymans 2026-04-29 18:19:03 +02:00
  • 6a8c2469c5 security: fix create_tag check to allow upload stream memblocks Wim Taymans 2026-04-29 18:16:52 +02:00
  • 3a3579ed68 security: fix operation counter leak in operation_complete Wim Taymans 2026-04-29 18:15:22 +02:00
  • 344c9265a6 security: fix JSON injection in pulse module arguments Wim Taymans 2026-04-29 17:56:12 +02:00
  • 7c2d8f7251 security: add missing NULL checks after message_alloc in reply Wim Taymans 2026-04-29 17:54:21 +02:00
  • 1b8962d7c2 security: fix JSON injection in native-protocol-tcp address Wim Taymans 2026-04-29 17:52:19 +02:00
  • c5c2d197dc security: fix JSON injection in LADSPA plugin/label strings Wim Taymans 2026-04-29 17:50:49 +02:00
  • bc4e1a989c security: reject zero-channel volume in PulseAudio message parsing Wim Taymans 2026-04-29 17:23:43 +02:00
  • 807b93fb05 security: add per-client pending sample limit in PulseAudio protocol Wim Taymans 2026-04-29 17:19:08 +02:00
  • 138e30df38 security: add per-client operation count limit in PulseAudio protocol Wim Taymans 2026-04-29 17:16:44 +02:00
  • f32295429f security: fix module leak on OOM in PulseAudio do_load_module Wim Taymans 2026-04-29 17:13:56 +02:00
  • 2d8dc8b457 security: fix JSON injection in PulseAudio do_set_default Wim Taymans 2026-04-29 17:09:50 +02:00
  • d3e1be8b6e security: fix division by zero in PulseAudio set_stream_buffer_attr Wim Taymans 2026-04-29 17:08:17 +02:00
  • cd7bb1e37d security: validate sample rate in PulseAudio update_stream_sample_rate Wim Taymans 2026-04-29 16:50:43 +02:00
  • 5f02641859 security: add missing NULL check in PulseAudio message_dump Wim Taymans 2026-04-29 16:44:01 +02:00
  • 9c1bc64af4 security: add missing NULL check after message_alloc in PulseAudio server Wim Taymans 2026-04-29 16:42:59 +02:00
  • 52afec565b security: add total sample cache size limit in PulseAudio protocol Wim Taymans 2026-04-29 16:39:57 +02:00
  • 37990b5e90 security: add per-client stream limit in PulseAudio protocol Wim Taymans 2026-04-29 16:28:05 +02:00
  • 80ec1f1d10 security: fix JSON injection in PulseAudio stream-restore Wim Taymans 2026-04-29 16:16:44 +02:00
  • a2de6c886e security: fix NULL dereference in PulseAudio handle_memblock Wim Taymans 2026-04-29 16:12:49 +02:00
  • 808bcf39cd security: fix heap OOB read in PulseAudio sample cache playback Wim Taymans 2026-04-29 16:10:44 +02:00
  • c1f6cde926 raop: handle strdup allocation error Wim Taymans 2026-04-29 15:52:46 +02:00
  • d23ec56f0d security: fix stack buffer overflow in PulseAudio channel map parsing Wim Taymans 2026-04-29 15:49:50 +02:00
  • 0c4a0dcf7d security: fix file descriptor leak in PulseAudio server on_connect error path Wim Taymans 2026-04-29 14:15:18 +02:00
  • 398326f19c security: add missing NULL checks after calloc in Bluetooth backend Wim Taymans 2026-04-29 14:14:20 +02:00
  • d4cf1d0d6f security: bound alloca size for udev property strings Wim Taymans 2026-04-29 14:10:34 +02:00
  • 6bcefd0d59 security: add missing NULL checks after calloc/strdup in filter-graph Wim Taymans 2026-04-29 14:08:41 +02:00
  • 715d1736e9 security: add missing NULL checks after calloc in LADSPA plugin Wim Taymans 2026-04-29 14:07:52 +02:00
  • 5f50055750 security: add iteration limit to netjack2 sync wait loops Wim Taymans 2026-04-29 14:18:41 +02:00
  • c21616d1ee security: check netjack2_init return value in driver Wim Taymans 2026-04-29 14:08:06 +02:00
  • 0816d4a2fd security: reduce MAX_PERMISSIONS to limit alloca stack usage Wim Taymans 2026-04-29 13:33:51 +02:00
  • c3c11e4c76 security: add max packet limit to netjack2 recv_data loop Wim Taymans 2026-04-29 13:33:04 +02:00
  • 110495ed9f security: fix unchecked write_event return value in RTP MIDI Wim Taymans 2026-04-29 13:32:31 +02:00
  • 739e2d1107 netjack2: handle sync_wait errors Wim Taymans 2026-04-29 13:56:11 +02:00
  • 3d414960c2 security: clamp netjack2 sync.frames to quantum limit Wim Taymans 2026-04-29 13:42:49 +02:00
  • c5083e7f32 impl-core: gate portal clients on stolen-fd reconnect Charles 2026-04-29 09:44:15 +01:00
  • 593132e434 security: fix error path resource leaks in netjack2 manager Wim Taymans 2026-04-29 13:21:21 +02:00
  • 4ac5364004 security: add max followers limit to netjack2 manager Wim Taymans 2026-04-29 13:10:46 +02:00
  • 7dee2c158f security: fix integer overflow in netjack2 opus encoded size calculation Wim Taymans 2026-04-29 12:39:37 +02:00
  • be4fe881e3 security: validate opus encoded length in netjack2 recv Wim Taymans 2026-04-29 12:37:55 +02:00
  • 3a77f9c28a security: fix OOB read in netjack2 MIDI buffer parsing Wim Taymans 2026-04-29 12:30:37 +02:00
  • 0186bccdce netjack2: account for overhead Wim Taymans 2026-04-29 12:15:41 +02:00
  • 2af9e879a7 netjack2: use peer params name and follower_name Wim Taymans 2026-04-29 11:59:55 +02:00
  • bc93a745ab security: add missing NULL check after strdup in MIDI server Wim Taymans 2026-04-29 11:36:53 +02:00
  • acabcf085d security: add missing NULL checks after strdup/calloc in backend-hsphfpd Wim Taymans 2026-04-29 11:36:32 +02:00
  • c3c1216633 security: add missing NULL check after strdup in reserve Wim Taymans 2026-04-29 11:35:31 +02:00
  • 4de0f83aca security: add missing NULL checks after realloc/strdup in LV2 plugin Wim Taymans 2026-04-29 11:35:08 +02:00
  • dcf28ff248 security: add missing NULL checks after strdup in modemmanager Wim Taymans 2026-04-29 11:34:37 +02:00
  • 9a4e0e4c85 security: fix format string vulnerability in hook.h example code Wim Taymans 2026-04-29 11:33:44 +02:00
  • 7982f52830 security: replace sprintf with snprintf in spa_debugc_mem Wim Taymans 2026-04-29 11:33:25 +02:00
  • 106f641ff3 security: add missing NULL check after strdup in pw_strv_insert Wim Taymans 2026-04-28 13:24:05 +02:00
  • e474303991 security: add missing NULL checks after strdup/strndup in pw_split_strv Wim Taymans 2026-04-28 13:23:42 +02:00
  • ec04c4bf9a security: add missing NULL check after strdup in pw-dump Wim Taymans 2026-04-28 13:20:33 +02:00
  • 43931caccb security: add missing NULL check after strdup in context factory registry Wim Taymans 2026-04-28 13:20:13 +02:00
  • 640af6b20f security: add missing NULL checks after strdup in data-loop Wim Taymans 2026-04-28 13:19:54 +02:00
  • 382533da96 security: add missing NULL checks after strdup in impl-metadata Wim Taymans 2026-04-28 13:19:29 +02:00
  • eaaf125d13 filter-graph: protect against large values Wim Taymans 2026-04-29 11:02:11 +02:00
  • 72b9577d3c filter: avoid losing buffers in some cases Wim Taymans 2026-04-28 14:55:13 +02:00
  • 08efbf2254 security: add missing NULL check after calloc in plugin_builtin Wim Taymans 2026-04-28 12:35:48 +02:00