wording suggestion: "display channel: don't let client set too many surfaces Limit the n_surfaces argument to avoid overflowing the surfaces array" I suppose it could also be an assert instead, but this works as well. I notice that red_worker_new() does have the following line: spice_warn_if_fail(init_info.n_surfaces <= NUM_SURFACES); Perhaps we should remove that warning from the caller and handle it completely in DisplayChannel since that's where the array size is allocated. Acked-by: Jonathon Jongsma <jjongsma@xxxxxxxxxx> On Thu, 2016-10-20 at 12:36 +0100, Frediano Ziglio wrote: > Signed-off-by: Frediano Ziglio <fziglio@xxxxxxxxxx> > --- > server/display-channel.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/server/display-channel.c b/server/display-channel.c > index 69edd35..0b8d6b5 100644 > --- a/server/display-channel.c > +++ b/server/display-channel.c > @@ -1946,7 +1946,7 @@ DisplayChannel* display_channel_new(RedsState > *reds, > #endif > image_encoder_shared_init(&display->priv->encoder_shared_data); > > - display->priv->n_surfaces = n_surfaces; > + display->priv->n_surfaces = MIN(n_surfaces, NUM_SURFACES); > display->priv->renderer = RED_RENDERER_INVALID; > > ring_init(&display->priv->current_list); _______________________________________________ Spice-devel mailing list Spice-devel@xxxxxxxxxxxxxxxxxxxxx https://lists.freedesktop.org/mailman/listinfo/spice-devel