system/pipewire
system/pipewire
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/pipewire/pipewire synced 2024-10-01 13:44:40 +00:00
Code Issues Packages Projects Releases Wiki Activity

array: re-initialize the array in pw_array_clear()

Browse source 
Leaving the data nonzero is a use-after-free bug waiting to happen.
This commit is contained in:
Peter Hutterer 2021-10-07 12:50:02 +10:00
parent 7123fadc37
commit e36183d3cf
2 changed files with 30 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
src/pipewire/array.h
View file

@ -98,6 +98,7 @@ static inline void pw_array_init(struct pw_array *arr, size_t extend)
static inline void pw_array_clear(struct pw_array *arr)
{
free(arr->data);
pw_array_init(arr, arr->extend);
}
/** Reset the array */

29
test/test-array.c
View file

@ -108,10 +108,39 @@ PWTEST(array_test)
return PWTEST_PASS;
}
PWTEST(array_clear)
{
struct pw_array arr;
uint32_t *ptr;
uint32_t vals[] = { 0, 100, 0x8a, 0 };
size_t i;
pw_array_init(&arr, 64);
for (i = 0; i < 4; i++) {
ptr = (uint32_t*)pw_array_add(&arr, sizeof(uint32_t));
*ptr = vals[i];
}
pwtest_int_eq(pw_array_get_len(&arr, uint32_t), 4U);
pw_array_clear(&arr);
pwtest_int_eq(pw_array_get_len(&arr, uint32_t), 0U);
for (i = 0; i < 4; i++) {
ptr = (uint32_t*)pw_array_add(&arr, sizeof(uint32_t));
*ptr = vals[i];
}
pwtest_int_eq(pw_array_get_len(&arr, uint32_t), 4U);
pw_array_clear(&arr);
pwtest_int_eq(pw_array_get_len(&arr, uint32_t), 0U);
return PWTEST_PASS;
}
PWTEST_SUITE(pw_array)
{
pwtest_add(array_test_abi, PWTEST_NOARG);
pwtest_add(array_test, PWTEST_NOARG);
pwtest_add(array_clear, PWTEST_NOARG);
return PWTEST_PASS;
}