pipewire

mirror of https://gitlab.freedesktop.org/pipewire/pipewire.git synced 2026-05-03 06:47:04 -04:00

Wim Taymans 7982f52830 security: replace sprintf with snprintf in spa_debugc_mem Memory Safety: Medium The spa_debugc_mem() function used unbounded sprintf() calls to format hex dump output into a fixed 512-byte stack buffer. While the current line-by-line output (16 bytes per line) fits within the buffer, sprintf provides no overflow protection if the format changes or assumptions are violated. Replace with snprintf() using sizeof(buffer) and remaining space tracking to guarantee the buffer cannot be overflowed. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-04-29 11:33:25 +02:00
..
spa	security: replace sprintf with snprintf in spa_debugc_mem	2026-04-29 11:33:25 +02:00
meson.build	spa: expose utils/cleanup.h for external users	2023-10-11 19:56:11 +02:00

Wim Taymans 7982f52830 security: replace sprintf with snprintf in spa_debugc_mem

Memory Safety: Medium

The spa_debugc_mem() function used unbounded sprintf() calls to format
hex dump output into a fixed 512-byte stack buffer. While the current
line-by-line output (16 bytes per line) fits within the buffer, sprintf
provides no overflow protection if the format changes or assumptions
are violated. Replace with snprintf() using sizeof(buffer) and remaining
space tracking to guarantee the buffer cannot be overflowed.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

2026-04-29 11:33:25 +02:00

spa

security: replace sprintf with snprintf in spa_debugc_mem

2026-04-29 11:33:25 +02:00

meson.build

spa: expose utils/cleanup.h for external users

2023-10-11 19:56:11 +02:00