diff options
author | Lennart Poettering <lennart@poettering.net> | 2009-02-04 17:20:36 +0100 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2009-02-04 17:20:36 +0100 |
commit | 12b735962a3794f1e64c7bf54d67dc7d8c4b8643 (patch) | |
tree | 8e58615a54496153058a4ea2608112786967ca4b | |
parent | 83ddc0936e52120f2af86a552f3adb240a4f0ac4 (diff) |
add a few additional validity checks
-rw-r--r-- | src/pulse/ext-stream-restore.c | 48 | ||||
-rw-r--r-- | src/pulse/operation.c | 1 |
2 files changed, 43 insertions, 6 deletions
diff --git a/src/pulse/ext-stream-restore.c b/src/pulse/ext-stream-restore.c index 703179c53..469c822a7 100644 --- a/src/pulse/ext-stream-restore.c +++ b/src/pulse/ext-stream-restore.c @@ -30,6 +30,7 @@ #include <pulsecore/pstream-util.h> #include "internal.h" +#include "operation.h" #include "ext-stream-restore.h" @@ -191,8 +192,8 @@ pa_operation *pa_ext_stream_restore_write( void *userdata) { uint32_t tag; - pa_operation *o; - pa_tagstruct *t; + pa_operation *o = NULL; + pa_tagstruct *t = NULL; pa_assert(c); pa_assert(PA_REFCNT_VALUE(c) >= 1); @@ -213,7 +214,15 @@ pa_operation *pa_ext_stream_restore_write( pa_tagstruct_put_boolean(t, apply_immediately); for (; n > 0; n--, data++) { + if (!data->name || !*data->name) + goto fail; + pa_tagstruct_puts(t, data->name); + + if (data->volume.channels > 0 && + !pa_cvolume_compatible_with_channel_map(&data->volume, &data->channel_map)) + goto fail; + pa_tagstruct_put_channel_map(t, &data->channel_map); pa_tagstruct_put_cvolume(t, &data->volume); pa_tagstruct_puts(t, data->device); @@ -224,6 +233,18 @@ pa_operation *pa_ext_stream_restore_write( pa_pdispatch_register_reply(c->pdispatch, tag, DEFAULT_TIMEOUT, pa_context_simple_ack_callback, pa_operation_ref(o), (pa_free_cb_t) pa_operation_unref); return o; + +fail: + if (o) { + pa_operation_cancel(o); + pa_operation_unref(o); + } + + if (t) + pa_tagstruct_free(t); + + pa_context_set_error(c, PA_ERR_INVALID); + return NULL; } pa_operation *pa_ext_stream_restore_delete( @@ -233,8 +254,8 @@ pa_operation *pa_ext_stream_restore_delete( void *userdata) { uint32_t tag; - pa_operation *o; - pa_tagstruct *t; + pa_operation *o = NULL; + pa_tagstruct *t = NULL; const char *const *k; pa_assert(c); @@ -251,13 +272,29 @@ pa_operation *pa_ext_stream_restore_delete( pa_tagstruct_puts(t, "module-stream-restore"); pa_tagstruct_putu32(t, SUBCOMMAND_DELETE); - for (k = s; *k; k++) + for (k = s; *k; k++) { + if (!*k || !**k) + goto fail; + pa_tagstruct_puts(t, *k); + } pa_pstream_send_tagstruct(c->pstream, t); pa_pdispatch_register_reply(c->pdispatch, tag, DEFAULT_TIMEOUT, pa_context_simple_ack_callback, pa_operation_ref(o), (pa_free_cb_t) pa_operation_unref); return o; + +fail: + if (o) { + pa_operation_cancel(o); + pa_operation_unref(o); + } + + if (t) + pa_tagstruct_free(t); + + pa_context_set_error(c, PA_ERR_INVALID); + return NULL; } pa_operation *pa_ext_stream_restore_subscribe( @@ -322,5 +359,4 @@ void pa_ext_stream_restore_command(pa_context *c, uint32_t tag, pa_tagstruct *t) if (c->ext_stream_restore.callback) c->ext_stream_restore.callback(c, c->ext_stream_restore.userdata); - } diff --git a/src/pulse/operation.c b/src/pulse/operation.c index 13b470a8e..aa2bbc05d 100644 --- a/src/pulse/operation.c +++ b/src/pulse/operation.c @@ -62,6 +62,7 @@ pa_operation *pa_operation_ref(pa_operation *o) { PA_REFCNT_INC(o); return o; } + void pa_operation_unref(pa_operation *o) { pa_assert(o); pa_assert(PA_REFCNT_VALUE(o) >= 1); |