Wim Taymans 87ee525b01 security: limit RTSP content-length and check allocation in RAOP client ... Input Validation / Memory Safety: Medium The RTSP client used for RAOP/AirPlay communication accepted arbitrarily large Content-Length values from the remote server without any upper bound. A malicious or compromised AirPlay server could specify a very large Content-Length, causing the client to allocate unbounded memory and potentially exhaust system resources (denial of service). Additionally, the return value of pw_array_add() was not checked. If the allocation failed, the subsequent memcpy would dereference a NULL pointer, causing a crash. Add a 64KB limit on Content-Length (more than sufficient for RTSP control messages) and check the pw_array_add return value. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>		2026-04-27 13:30:36 +02:00
..
daemon	filter-chain: update virtual surround with convolver2	2026-04-21 17:03:55 +02:00
examples	impl-node: accept more node.passive values	2026-03-12 17:25:36 +01:00
gst	gst: fix crop height typo in pipewiresink do_send_buffer	2026-04-21 20:19:24 +01:00
modules	security: limit RTSP content-length and check allocation in RAOP client	2026-04-27 13:30:36 +02:00
pipewire	conf: avoid overflow in pw_strv_insert_at	2026-04-27 12:15:32 +02:00
tests	stream: return -EIO when doing get_time in != STREAMING	2026-02-12 12:26:33 +01:00
tools	milan-avb: aecp-vendor-unique-milan-v12: dispatch via per-cmd table per Milan v1.2 Section 5.4.4	2026-04-27 10:56:44 +00:00
meson.build	meson.build: fix compile with -Dexamples=disabled	2023-11-28 10:18:25 +00:00