mirrors/pipewire
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/pipewire/pipewire.git synced 2026-04-25 06:46:40 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
pipewire/pipewire-jack/src
History
Wim Taymans 9cf4d05c9e security: fix unbounded strcpy for JACK port names 
Memory Safety: Medium

strcpy was used to copy port names into fixed-size buffers
(REAL_JACK_PORT_NAME_SIZE+1) without explicit bounds checking.
Port names originate from JACK client API calls and PipeWire
port info, which are external inputs. Replaced with snprintf
using sizeof(destination) to guarantee the copy is always
bounded, preventing potential buffer overflows if source
strings exceed the expected maximum length.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-23 16:25:16 +02:00
..
control.c jack: make jackctl_server_close() succeed (still dummy) 2024-08-29 14:22:58 +02:00
dummy.c treewide: use SPDX tags to specify copyright information 2023-02-16 10:54:48 +00:00
export.c treewide: use SPDX tags to specify copyright information 2023-02-16 10:54:48 +00:00
meson.build pipewire-jack: emit foreign port registration callbacks on jack_activate 2026-03-13 09:21:20 +01:00
metadata.c Jack: Added missing lock to jack API call 2024-02-08 10:20:12 +01:00
net.c treewide: use SPDX tags to specify copyright information 2023-02-16 10:54:48 +00:00
pipewire-jack-extensions.h jack: Add UMP to MIDI conversions 2024-07-29 18:15:58 +02:00
pipewire-jack.c security: fix unbounded strcpy for JACK port names 2026-04-23 16:25:16 +02:00
pw-jack.in pipewire-jack: Disable LD_LIBRARY_PATH when libjack is in libdir 2023-09-15 08:49:36 +00:00
ringbuffer.c add spa_memcpy to more places 2026-04-16 12:16:06 +02:00
statistics.c treewide: use SPDX tags to specify copyright information 2023-02-16 10:54:48 +00:00
uuid.c treewide: use SPDX tags to specify copyright information 2023-02-16 10:54:48 +00:00