On Thu, 2014-10-16 at 11:41 +0200, David Henningsson wrote: > If somebody tries to push a non-frame-aligned memblock onto the > memblockq, then we should fail the write. Otherwise the daemon will > crash, see https://bugs.freedesktop.org/show_bug.cgi?id=77595 > > Signed-off-by: David Henningsson <david.henningsson at canonical.com> > --- > src/pulse/stream.c | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/src/pulse/stream.c b/src/pulse/stream.c > index 3c04c42..f549036 100644 > --- a/src/pulse/stream.c > +++ b/src/pulse/stream.c > @@ -1487,6 +1487,8 @@ int pa_stream_write_ext_free( > ((data >= s->write_data) && > ((const char*) data + length <= (const char*) s->write_data + pa_memblock_get_length(s->write_memblock))), > PA_ERR_INVALID); > + PA_CHECK_VALIDITY(s->context, offset % pa_frame_size(&s->sample_spec) == 0, PA_ERR_INVALID); > + PA_CHECK_VALIDITY(s->context, length % pa_frame_size(&s->sample_spec) == 0, PA_ERR_INVALID); Personally, I prefer to wrap the left side of the comparison in parentheses to avoid ambiguity, but not too fussed. Looks good to me. -- Arun
