mirrors/pipewire
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/pipewire/pipewire.git synced 2026-04-30 06:46:49 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
pipewire/src/modules/module-protocol-pulse
History
Wim Taymans 6efaf12d00 security: clamp channel count in PulseAudio volume control handler 
Memory Safety: High

The stream_control_info() callback copied control->n_values floats
into stream->volume.values without checking bounds. The source allows
up to MAX_VALUES (256) entries but the destination volume array is
only CHANNELS_MAX (64) entries, so a stream with more than 64 channel
volumes would overflow the buffer. Clamp n_values to CHANNELS_MAX
before the copy.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-27 11:24:30 +02:00
..
modules zeroconf: sanitize the properties 2026-02-27 17:31:42 +01:00
client.c loop: spa_loop_invoke -> spa_loop_locked where possible 2025-05-30 11:59:35 +02:00
client.h pipewire-pulse: Expose bluetooth headset autoswitch config as a message 2026-01-26 14:44:30 -08:00
cmd.c pulse-server: fix pulse.cmd load-module not loading multiple overrides 2024-11-28 19:34:22 +00:00
cmd.h treewide: use SPDX tags to specify copyright information 2023-02-16 10:54:48 +00:00
collect.c pulse-server: Fix missing subscription events on device port changes 2025-11-03 15:31:15 +00:00
collect.h pulse-server: add stream/device state in dev_info 2023-11-20 11:39:31 +01:00
commands.h treewide: use SPDX tags to specify copyright information 2023-02-16 10:54:48 +00:00
dbus-name.c treewide: use SPDX tags to specify copyright information 2023-02-16 10:54:48 +00:00
dbus-name.h treewide: use SPDX tags to specify copyright information 2023-02-16 10:54:48 +00:00
defs.h spa: add spa_alloca that does overflow and limit checks 2026-04-27 10:53:44 +02:00
extension.c pulse-server: move extension to modules 2024-01-23 13:31:05 +01:00
extension.h pulse-server: move extension to modules 2024-01-23 13:31:05 +01:00
format.c spa: remove some obsolete functions 2025-10-24 09:35:59 +02:00
format.h format: Add support for sample rate of 1.536 Mhz 2026-01-09 01:16:30 +01:00
internal.h pulse-server: use the new timer-queue for timeouts 2025-09-18 13:55:43 +02:00
log.h treewide: use SPDX tags to specify copyright information 2023-02-16 10:54:48 +00:00
manager.c pulse-server: disconnect from server on EPROTO 2026-02-02 11:16:15 +00:00
manager.h *: don't include standard C headers inside of extern "C" 2025-05-30 09:48:28 +01:00
message-handler.c pulse-server: use null to clear the value 2026-01-27 10:17:34 +01:00
message-handler.h treewide: use SPDX tags to specify copyright information 2023-02-16 10:54:48 +00:00
message.c spa: add spa_alloca that does overflow and limit checks 2026-04-27 10:53:44 +02:00
message.h pulse-server: message: use union to store event data 2024-05-15 08:31:40 +00:00
module.c spa: remove some obsolete functions 2025-10-24 09:35:59 +02:00
module.h pulse-server: add a pipewire-pulse:list-modules message 2025-09-26 10:55:10 +02:00
operation.c treewide: use SPDX tags to specify copyright information 2023-02-16 10:54:48 +00:00
operation.h pulse-server: add operation_free_by_tag() 2023-05-10 18:57:20 +00:00
pending-sample.c pulse-server: pending-sample: handle client disconnection correctly 2023-05-10 18:57:20 +00:00
pending-sample.h pulse-server: pending-sample: handle client disconnection correctly 2023-05-10 18:57:20 +00:00
pulse-server.c security: clamp channel count in PulseAudio volume control handler 2026-04-27 11:24:30 +02:00
pulse-server.h *: don't include standard C headers inside of extern "C" 2025-05-30 09:48:28 +01:00
quirks.c pulse-server: add quirk to block record and playback streams 2024-09-23 10:56:40 +02:00
quirks.h pulse-server: add quirk to block record and playback streams 2024-09-23 10:56:40 +02:00
remap.c treewide: use SPDX tags to specify copyright information 2023-02-16 10:54:48 +00:00
remap.h treewide: use SPDX tags to specify copyright information 2023-02-16 10:54:48 +00:00
reply.c pulse-server: include "reply.h" in "reply.h" 2023-07-03 19:40:31 +02:00
reply.h treewide: use SPDX tags to specify copyright information 2023-02-16 10:54:48 +00:00
sample-play.c pulse-server: use timeout also for creating sample-play streams 2026-02-02 11:25:01 +00:00
sample-play.h pulse-server: use timeout also for creating sample-play streams 2026-02-02 11:25:01 +00:00
sample.c treewide: use SPDX tags to specify copyright information 2023-02-16 10:54:48 +00:00
sample.h treewide: use SPDX tags to specify copyright information 2023-02-16 10:54:48 +00:00
server.c security: fix TOCTOU race and symlink following in pulse protocol socket 2026-04-24 15:55:35 +02:00
server.h treewide: use SPDX tags to specify copyright information 2023-02-16 10:54:48 +00:00
snap-policy.c *: unify config.h handling 2025-05-30 10:24:13 +00:00
snap-policy.h Replace even more spaces with tabs 2024-01-12 11:35:17 +00:00
stream.c pulse-server: use timeout also for creating sample-play streams 2026-02-02 11:25:01 +00:00
stream.h pulse-server: clear timer when stream is created 2025-09-18 14:22:00 +02:00
utils.c security: fix unbounded sprintf in check_flatpak 2026-04-23 16:24:46 +02:00
utils.h protocol-pulse: implement readiness notification 2024-10-22 09:50:27 +02:00
volume.c spa: add spa_audio_parse_position_n 2025-10-21 09:59:13 +02:00
volume.h treewide: use SPDX tags to specify copyright information 2023-02-16 10:54:48 +00:00