[Spice-devel] [PATCH spice-server] Avoid client to set too much surfaces

Jonathon Jongsma jjongsma at redhat.com
Thu Oct 20 15:38:23 UTC 2016


wording suggestion:

"display channel: don't let client set too many surfaces

Limit the n_surfaces argument to avoid overflowing the surfaces array"

I suppose it could also be an assert instead, but this works as well. I
notice that red_worker_new() does have the following line:

    spice_warn_if_fail(init_info.n_surfaces <= NUM_SURFACES);

Perhaps we should remove that warning from the caller and handle it
completely in DisplayChannel since that's where the array size is
allocated.

Acked-by: Jonathon Jongsma <jjongsma at redhat.com>



On Thu, 2016-10-20 at 12:36 +0100, Frediano Ziglio wrote:
> Signed-off-by: Frediano Ziglio <fziglio at redhat.com>
> ---
>  server/display-channel.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/server/display-channel.c b/server/display-channel.c
> index 69edd35..0b8d6b5 100644
> --- a/server/display-channel.c
> +++ b/server/display-channel.c
> @@ -1946,7 +1946,7 @@ DisplayChannel* display_channel_new(RedsState
> *reds,
>  #endif
>      image_encoder_shared_init(&display->priv->encoder_shared_data);
>  
> -    display->priv->n_surfaces = n_surfaces;
> +    display->priv->n_surfaces = MIN(n_surfaces, NUM_SURFACES);
>      display->priv->renderer = RED_RENDERER_INVALID;
>  
>      ring_init(&display->priv->current_list);
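
Review bot: The clamp on the `display->priv->n_surfaces = MIN(n_surfaces, NUM_SURFACES);` line is silent, so a caller that passes an out-of-range count gets a channel with fewer surfaces than it requested and nothing is logged to say why. Consider emitting a warning, or failing the constructor, at this point when n_surfaces exceeds NUM_SURFACES, so the check lives next to the value it protects. The declared type of n_surfaces is not visible in this hunk; if it is signed, MIN() only bounds it from above and a negative value would pass through unchanged, so a lower-bound check would be needed too. The commit message also carries only the Signed-off-by line and no body; one sentence stating that the limit prevents indexing past the surfaces array would help later readers.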

