mirrors/pipewire
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/pipewire/pipewire.git synced 2026-04-25 06:46:40 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
pipewire/pipewire-jack
History
Wim Taymans 9cf4d05c9e security: fix unbounded strcpy for JACK port names 
Memory Safety: Medium

strcpy was used to copy port names into fixed-size buffers
(REAL_JACK_PORT_NAME_SIZE+1) without explicit bounds checking.
Port names originate from JACK client API calls and PipeWire
port info, which are external inputs. Replaced with snprintf
using sizeof(destination) to guarantee the copy is always
bounded, preventing potential buffer overflows if source
strings exceed the expected maximum length.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-23 16:25:16 +02:00
..
examples pipewire-jack: examples: video-dsp-play: add missing includes 2025-02-02 14:25:08 +01:00
jack jack: use a new JackPortIsMIDI2 flag 2025-01-27 13:05:21 +01:00
src security: fix unbounded strcpy for JACK port names 2026-04-23 16:25:16 +02:00
meson.build [Meson] Change jack-devel option to be boolean 2021-08-06 07:56:16 +00:00