From patchwork Thu Sep 21 17:37:13 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: Peter Maydell
X-Patchwork-Id: 724843
From: Peter Maydell
To: qemu-devel@nongnu.org
Subject: [PULL 23/30] audio/jackaudio: Avoid dynamic stack allocation in qjack_client_init
Date: Thu, 21 Sep 2023 18:37:13 +0100
Message-Id: <20230921173720.3250581-24-peter.maydell@linaro.org>
In-Reply-To: <20230921173720.3250581-1-peter.maydell@linaro.org>
References: <20230921173720.3250581-1-peter.maydell@linaro.org>

Avoid a dynamic stack allocation in qjack_client_init(), by using
a g_autofree heap allocation instead.

(We stick with allocate + snprintf() because the JACK API requires
the name to be no more than its maximum size, so g_strdup_printf()
would require an extra truncation step.)

The codebase has very few VLAs, and if we can get rid of them all we
can make the compiler error on new additions. This is a defensive
measure against security bugs where an on-stack dynamic allocation
isn't correctly size-checked (e.g. CVE-2021-3527).

Signed-off-by: Peter Maydell
Reviewed-by: Marc-André Lureau
Reviewed-by: Francisco Iglesias
Reviewed-by: Christian Schoenebeck
Message-id: 20230818155846.1651287-2-peter.maydell@linaro.org
---
 audio/jackaudio.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/audio/jackaudio.c b/audio/jackaudio.c index 5bdf3d7a78d..7cb2a49f971 100644 --- a/audio/jackaudio.c +++ b/audio/jackaudio.c @@ -400,7 +400,8 @@ static void qjack_client_connect_ports(QJackClient *c) static int qjack_client_init(QJackClient *c) { jack_status_t status; - char client_name[jack_client_name_size()]; + int client_name_len = jack_client_name_size(); /* includes NUL */ + g_autofree char *client_name = g_new(char, client_name_len); jack_options_t options = JackNullOption; if (c->state == QJACK_STATE_RUNNING) { @@ -409,7 +410,7 @@ static int qjack_client_init(QJackClient *c) c->connect_ports = true; - snprintf(client_name, sizeof(client_name), "%s-%s", + snprintf(client_name, client_name_len, "%s-%s", c->out ? "out" : "in", c->opt->client_name ? c->opt->client_name : audio_application_name());
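Review bot: client_name_len in the first hunk (@@ -400,7 +400,8 @@) is a signed int that is passed unchecked as the element count to g_new() and later as the size to snprintf(), both of which take unsigned sizes. Nothing in the visible lines guarantees that jack_client_name_size() returns a positive value, so I would either declare the variable as size_t or add g_assert(client_name_len > 0) before the allocation. The allocation also sits above the c->state == QJACK_STATE_RUNNING check; if that branch returns early, initialising client_name to NULL and calling g_new() after the check would avoid an allocate-and-free on that path.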
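Review bot: the snprintf() call in the second hunk (@@ -409,7 +410,7 @@) still discards its return value, so a name cut off at client_name_len is truncated silently. The commit message says truncation to the JACK limit is intended, but that rationale lives only there; a one-line comment at the call site would keep it next to the code. Replacing sizeof(client_name) with client_name_len is needed now that client_name is a pointer rather than an array, and the hunk gets that right.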