[Spice-devel] [RFC spice-gtk 2/2] channel-display: fix bug when sending preferred video codecs
Frediano Ziglio
fziglio at redhat.com
Thu Aug 15 08:12:49 UTC 2019
>
> The transfer between the codecs array and the message payload cannot
> be done with memcpy because the data-type lengths are different
> (gint/uint8_t).
>
> Signed-off-by: Kevin Pouget <kpouget at redhat.com>
> ---
> src/channel-display.c | 8 +++++++-
> 1 file changed, 7 insertions(+), 1 deletion(-)
>
> diff --git a/src/channel-display.c b/src/channel-display.c
> index 44555e3..37fdbce 100644
> --- a/src/channel-display.c
> +++ b/src/channel-display.c
> @@ -615,11 +615,17 @@ static void
> spice_display_send_client_preferred_video_codecs(SpiceChannel *chann
> {
> SpiceMsgOut *out;
> SpiceMsgcDisplayPreferredVideoCodecType *msg;
> + int i;
>
> msg = g_malloc0(sizeof(SpiceMsgcDisplayPreferredVideoCodecType) +
> (sizeof(SpiceVideoCodecType) * ncodecs));
For similar reason I would change this to
msg = g_malloc0(sizeof(SpiceMsgcDisplayPreferredVideoCodecType) +
(sizeof(msg->codecs[0]) * ncodecs));
> msg->num_of_codecs = ncodecs;
> - memcpy(msg->codecs, codecs, sizeof(*codecs) * ncodecs);
> +
> + /* cannot memcpy because codecs is gint, but msg->codecs is uint8_t
> + * but safe because codecs[i] <= 255 */
> + for (i = 0; i < ncodecs; i++) {
> + msg->codecs[i] = codecs[i];
> + }
>
> out = spice_msg_out_new(channel,
> SPICE_MSGC_DISPLAY_PREFERRED_VIDEO_CODEC_TYPE);
> out->marshallers->msgc_display_preferred_video_codec_type(out->marshaller,
> msg);
Good catch!
Not much part of the series (quite independent I would say).
Frediano
More information about the Spice-devel
mailing list