[pulseaudio-discuss] [PATCH 3/3] protocol-native: Fail if trying to push unaligned memblock into queue

Thu Oct 16 02:41:19 PDT 2014

We will just ignore the memblock if this happens. We already have
a check for this in the client library, so this one is just for
security reasons.

Signed-off-by: David Henningsson <david.henningsson at canonical.com>
---
 src/pulsecore/protocol-native.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/src/pulsecore/protocol-native.c b/src/pulsecore/protocol-native.c
index 6ec65d6..2ef1854 100644
--- a/src/pulsecore/protocol-native.c
+++ b/src/pulsecore/protocol-native.c
@@ -4922,6 +4922,13 @@ static void pstream_memblock_callback(pa_pstream *p, uint32_t channel, int64_t o
     if (playback_stream_isinstance(stream)) {
         playback_stream *ps = PLAYBACK_STREAM(stream);
 
+        size_t frame_size = pa_frame_size(&ps->sink_input->sample_spec);
+        if (chunk->index % frame_size != 0 || chunk->length % frame_size != 0) {
+            pa_log_warn("Client sent non-aligned memblock: index %d, length %d, frame size: %d",
+                        (int) chunk->index, (int) chunk->length, (int) frame_size);
+            return;
+        }
+
         pa_atomic_inc(&ps->seek_or_post_in_queue);
         if (chunk->memblock) {
             if (seek != PA_SEEK_RELATIVE || offset != 0)
-- 
1.9.1

