pipewire/src/modules/module-sendspin
Wim Taymans 7465199fff security: replace unsafe atoi() with validated parsing in websocket
Input Validation: High

The WebSocket HTTP reply parser used atoi() to parse the Content-Length
header from network data. atoi() does not detect overflow or invalid
input, and its int return value was assigned to a size_t, meaning a
negative value from a malicious server would silently convert to a very
large unsigned value, potentially causing excessive memory allocation.

Replaced with spa_atou32() which validates the entire string is a valid
number and fits in uint32_t, plus an explicit upper bound (16 MB) on
content length to prevent resource exhaustion.

Similarly, pw_websocket_listen() used atoi() to parse the port number
into a uint16_t without validation. Replaced with spa_atou32() and a
range check against 65535.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-28 12:14:36 +02:00
..
regress.h sendspin: add sendspin sender and receiver 2026-02-26 12:17:17 +01:00
sendspin.h zeroconf: sanitize the properties 2026-02-27 17:31:42 +01:00
teeny-sha1.c sendspin: add sendspin sender and receiver 2026-02-26 12:17:17 +01:00
websocket.c security: replace unsafe atoi() with validated parsing in websocket 2026-04-28 12:14:36 +02:00
websocket.h sendspin: add sendspin sender and receiver 2026-02-26 12:17:17 +01:00
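
The parsing pattern described in the commit message above, as an added C example (not the PipeWire code and not `spa_atou32()` itself). The names `parse_u32_strict`, `parse_content_length`, `parse_port` and `legacy_content_length` are hypothetical, and the 16 MB cap is assumed to mean 16 × 1024 × 1024 bytes.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define MAX_CONTENT_LENGTH (16u * 1024u * 1024u) /* assumed reading of "16 MB" */

/* Hypothetical strict parser: digits only, whole string, fits in uint32_t. */
static bool parse_u32_strict(const char *s, uint32_t *out)
{
	char *end;
	unsigned long long v;
	if (s == NULL || *s < '0' || *s > '9') /* rejects "", "-1", "+1", " 1" */
		return false;
	errno = 0;
	v = strtoull(s, &end, 10);
	if (errno != 0 || *end != '\0' || v > UINT32_MAX)
		return false;
	*out = (uint32_t)v;
	return true;
}

static bool parse_content_length(const char *s, size_t *len)
{
	uint32_t v;
	if (!parse_u32_strict(s, &v) || v > MAX_CONTENT_LENGTH)
		return false; /* invalid number or above the explicit cap */
	*len = v;
	return true;
}

static bool parse_port(const char *s, uint16_t *port)
{
	uint32_t v;
	if (!parse_u32_strict(s, &v) || v > 65535)
		return false; /* would not fit in uint16_t */
	*port = (uint16_t)v;
	return true;
}

/* The replaced pattern: atoi()'s int result stored in a size_t. */
static size_t legacy_content_length(const char *s) { return (size_t)atoi(s); }

int main(void)
{
	size_t len = 0;
	printf("atoi: %zu, strict ok: %d\n", legacy_content_length("-1"), parse_content_length("-1", &len));
	return 0;
}
```

With the input `-1`, the legacy conversion yields `SIZE_MAX`, while the strict path rejects the header before any allocation size is derived from it.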