On Tue, 24 May 2016, Francois Gouget wrote: [...] > Now if the content of SpiceCopy cannot be trusted, the GStreamer encoder > is the wrong place to check for issues : there are at least three places > where the SpiceCopy bitmap can be used: the MJPEG encoder, the GStreamer > encoder and the regular screen update code (which may or may not involve > the JPEG encoder) [1]. > > Duplicating checks all over the place can only lead to maintenance > issues and incomplete checks. So validating the SpiceCopy structure > should be done before it is sent down one or the other path. To nuance this, in the non-streaming case it seems like the SpiceCopy structure is sent to the client without being interpreted. That is the image buffer is sent but it does not need to be consistent with its x and y dimensions, nor with the src_area struct. If the same is true for most other structures, then it would make sense to only perform these consistency checks on the server for the streaming code, but before the individual video encoders. -- Francois Gouget <fgouget@xxxxxxxxxxxxxxx> _______________________________________________ Spice-devel mailing list Spice-devel@xxxxxxxxxxxxxxxxxxxxx https://lists.freedesktop.org/mailman/listinfo/spice-devel