If we agree that all strings sent over the native protocol must be valid UTF-8, then it can be checked in pa_tagstruct_gets(), so callers don't have to the checking themselves. There were not many callers that were checking the UTF-8 validity, but there probably should have been many more.
---
 src/pulsecore/protocol-native.c | 7 ++-----
 src/pulsecore/tagstruct.c | 4 ++++
 2 files changed, 6 insertions(+), 5 deletions(-)
diff --git a/src/pulsecore/protocol-native.c b/src/pulsecore/protocol-native.c
index 9be65b0..a73787d 100644
--- a/src/pulsecore/protocol-native.c
+++ b/src/pulsecore/protocol-native.c
@@ -32,7 +32,6 @@
 #include <pulse/rtclock.h>
 #include <pulse/timeval.h>
 #include <pulse/version.h>
-#include <pulse/utf8.h>
 #include <pulse/util.h>
 #include <pulse/xmalloc.h>
 #include <pulse/internal.h>
@@ -4360,7 +4359,7 @@ static void command_set_stream_name(pa_pdispatch *pd, uint32_t command, uint32_t
 }
 CHECK_VALIDITY(c->pstream, c->authorized, tag, PA_ERR_ACCESS);
- CHECK_VALIDITY(c->pstream, name && pa_utf8_valid(name), tag, PA_ERR_INVALID);
+ CHECK_VALIDITY(c->pstream, name, tag, PA_ERR_INVALID);
 if (command == PA_COMMAND_SET_PLAYBACK_STREAM_NAME) {
 playback_stream *s;
@@ -4449,8 +4448,7 @@ static void command_load_module(pa_pdispatch *pd, uint32_t command, uint32_t tag
 }
 CHECK_VALIDITY(c->pstream, c->authorized, tag, PA_ERR_ACCESS);
- CHECK_VALIDITY(c->pstream, name && *name && pa_utf8_valid(name) && !strchr(name, '/'), tag, PA_ERR_INVALID);
- CHECK_VALIDITY(c->pstream, !argument || pa_utf8_valid(argument), tag, PA_ERR_INVALID);
+ CHECK_VALIDITY(c->pstream, name && *name && !strchr(name, '/'), tag, PA_ERR_INVALID);
 if (!(m = pa_module_load(c->protocol->core, name, argument))) {
 pa_pstream_send_error(c->pstream, tag, PA_ERR_MODINITFAILED);
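Review bot: Dropping `pa_utf8_valid()` from the `CHECK_VALIDITY` lines in command_set_stream_name() changes how a client sending a non-UTF-8 string is answered: before, it received a `PA_ERR_INVALID` reply for that request; now pa_tagstruct_gets() fails first, so the request takes the parse-failure branch whose closing `}` is the first context line of the hunk. That branch is outside the hunk, so confirm that its response is acceptable for a string that is merely badly encoded, and record the change in the commit message. The same applies to the command_load_module() and command_extension() hunks. Since the UTF-8 guarantee now lives in another file, a comment above the remaining check would help, e.g. `/* name was already validated as UTF-8 by pa_tagstruct_gets() */`; in command_load_module() it should also cover `argument`, which is passed to pa_module_load() with no visible check left in the handler.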
@@ -4653,7 +4651,6 @@ static void command_extension(pa_pdispatch *pd, uint32_t command, uint32_t tag,
 }
 CHECK_VALIDITY(c->pstream, c->authorized, tag, PA_ERR_ACCESS);
- CHECK_VALIDITY(c->pstream, !name || pa_utf8_valid(name), tag, PA_ERR_INVALID);
 CHECK_VALIDITY(c->pstream, idx != PA_INVALID_INDEX || name, tag, PA_ERR_INVALID);
 CHECK_VALIDITY(c->pstream, idx == PA_INVALID_INDEX || !name, tag, PA_ERR_INVALID);
 CHECK_VALIDITY(c->pstream, !name || idx == PA_INVALID_INDEX, tag, PA_ERR_INVALID);
diff --git a/src/pulsecore/tagstruct.c b/src/pulsecore/tagstruct.c
index ded4157..30a3ee8 100644
--- a/src/pulsecore/tagstruct.c
+++ b/src/pulsecore/tagstruct.c
@@ -33,6 +33,7 @@
 #include <netinet/in.h>
 #endif
+#include <pulse/utf8.h>
 #include <pulse/xmalloc.h>
 #include <pulsecore/socket.h>
@@ -346,6 +347,9 @@ int pa_tagstruct_gets(pa_tagstruct*t, const char **s) {
 if (error)
 return -1;
+ if (!pa_utf8_valid((char *) (t->data + t->rindex + 1)))
+ return -1;
+
 *s = (char*) (t->data+t->rindex+1);
 t->rindex += n+2;
--
1.8.1.2
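Review bot: The added check in pa_tagstruct_gets() spells the string pointer a second time, as `(char *) (t->data + t->rindex + 1)`, while the assignment below keeps `(char*) (t->data+t->rindex+1)`; take it once so the validated and the returned pointer cannot drift apart: `const char *str = (const char *) (t->data + t->rindex + 1);`, then `if (!pa_utf8_valid(str)) return -1;` and `*s = str;`. pa_utf8_valid() reads up to the terminating NUL, so the check is only safe if the `if (error)` guard above has already established that a terminator lies inside the buffer; that code is outside the hunk and should be confirmed. The function also deserves a comment recording the new contract, e.g. `/* Returns -1 if the string is not valid UTF-8, so callers need not check. */`, because every user of this parser now inherits the stricter behaviour.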