mirrors/pipewire
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/pipewire/pipewire.git synced 2026-05-02 06:46:36 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
pipewire/spa
History
Wim Taymans 7982f52830 security: replace sprintf with snprintf in spa_debugc_mem 
Memory Safety: Medium

The spa_debugc_mem() function used unbounded sprintf() calls to format
hex dump output into a fixed 512-byte stack buffer. While the current
line-by-line output (16 bytes per line) fits within the buffer, sprintf
provides no overflow protection if the format changes or assumptions
are violated. Replace with snprintf() using sizeof(buffer) and remaining
space tracking to guarantee the buffer cannot be overflowed.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-29 11:33:25 +02:00
..
examples spa: examples: fix getopt usage + typos in adapter-control 2025-10-26 14:12:19 +00:00
include security: replace sprintf with snprintf in spa_debugc_mem 2026-04-29 11:33:25 +02:00
include-private/spa-private spa: move dbus helpers out of bluez plugin 2024-02-05 13:03:20 +00:00
lib spa: update lib.c 2026-03-09 18:33:32 +01:00
plugins filter-graph: protect against large values 2026-04-29 11:02:11 +02:00
tests spa/tests: remove unused #include <linux/limits.h> 2026-03-11 21:50:21 +00:00
tools tools: port various tools to the new json-builder 2026-02-26 10:51:17 +01:00
meson.build meson: Always use -fno-strict-aliasing and -fno-strict-overflow 2025-07-24 07:30:28 +00:00