pipewire

mirror of https://gitlab.freedesktop.org/pipewire/pipewire.git synced 2026-05-20 19:28:11 +02:00

History

Barnabás Pőcze c8c2526f87 pulse-server: destroy modules first The `impl::servers` list contains all servers, and they are all destroyed in `impl_clear()`. However, by that time, modules were not freed previously, so if there were any instances of module-protocol-native-tcp loaded, then the unload() method of those would call `server_free()` on already freed servers, resulting in use-after-frees. Fix that by unloading modules before destroying the servers. ==451490==ERROR: AddressSanitizer: heap-use-after-free on address 0x612000006050 ... READ of size 8 at 0x612000006050 thread T0 #0 0x7f45edb19a0c in server_free ../src/modules/module-protocol-pulse/server.c:1022 #1 0x7f45edb46c7d in module_native_protocol_tcp_unload ../src/modules/module-protocol-pulse/modules/module-native-protocol-tcp.c:66 #2 0x7f45eda893c7 in module_unload ../src/modules/module-protocol-pulse/module.c:128 #3 0x7f45edaf7269 in impl_unload_module ../src/modules/module-protocol-pulse/pulse-server.c:5336 #4 0x7f45edaa1583 in pw_map_for_each ../src/pipewire/map.h:238 #5 0x7f45edaf79c5 in impl_clear ../src/modules/module-protocol-pulse/pulse-server.c:5358 ... 0x612000006050 is located 16 bytes inside of 264-byte region [0x612000006040,0x612000006148) freed by thread T0 here: #0 0x7f45f30be672 in __interceptor_free /usr/src/debug/gcc/libsanitizer/asan/asan_malloc_linux.cpp:52 #1 0x7f45edb1a48a in server_free ../src/modules/module-protocol-pulse/server.c:1040 #2 0x7f45edaf730b in impl_clear ../src/modules/module-protocol-pulse/pulse-server.c:5347 ... Fixes: `f181210b29` ("pulse-server: properly unload modules")		2022-06-09 03:02:06 +02:00
..
extensions	spa: add locale independent spa_dtoa	2022-03-21 10:41:44 +01:00
modules	pulse-server: module-switch-on-connect: remove dead code and one allocation	2022-06-05 18:04:03 +00:00
client.c	pulse-server: client: drop unused argument	2022-02-06 00:49:12 +01:00
client.h	pulse-server: client: remove `disconnecting` flag	2022-02-02 15:40:43 +00:00
collect.c	pulse-server: optimize link finding	2022-06-03 15:48:08 +02:00
collect.h	pulse-server: optimize link finding	2022-06-03 15:48:08 +02:00
commands.h	pulse-server: add command access control	2021-12-31 02:11:59 +01:00
dbus-name.c	modules: add log topics to module-protocol-pulse	2021-09-28 09:35:39 +02:00
dbus-name.h	pulse-server: split out D-Bus parts	2021-06-25 03:23:09 +02:00
defs.h	pulse-server: set also metadata target.object when moving streams	2022-02-28 18:36:26 +00:00
extension.c	pulse-server: make separate index	2022-01-17 12:01:13 +01:00
extension.h	pulse-server: make separate index	2022-01-17 12:01:13 +01:00
format.c	pulse-server: use 8 channels internally for TrueHD and DTSHD	2022-05-23 18:54:18 +02:00
format.h	pulse-server: fix IEC958 passthrough again	2022-02-21 16:53:03 +01:00
internal.h	pulse-server: use quantum_limit	2022-01-14 16:45:41 +01:00
log.h	modules: add log topics to module-protocol-pulse	2021-09-28 09:35:39 +02:00
manager.c	pulse-server: implement temporary data attached to manager objects	2022-05-15 17:14:52 +00:00
manager.h	pulse-server: implement temporary data attached to manager objects	2022-05-15 17:14:52 +00:00
message-handler.c	handle open_memstream errors	2022-03-02 11:48:31 +01:00
message-handler.h	pulse-server: split out message-handler	2021-06-25 03:23:41 +02:00
message.c	pulse-server: reset message length when freeing	2022-05-18 17:31:23 +02:00
message.h	pulse-server: split out message handling	2021-06-25 03:23:24 +02:00
module.c	pulse-server: rename `module_info::prepare()` to `create()`	2022-06-02 23:56:55 +02:00
module.h	pulse-server: rename `module_info::prepare()` to `create()`	2022-06-02 23:56:55 +02:00
operation.c	pulse-server: unlink operation before callback	2022-02-21 08:54:50 +01:00
operation.h	pulse-server: free pending sample reply	2022-02-20 21:34:53 +01:00
pending-sample.c	pulse-server: free pending sample reply	2022-02-20 21:34:53 +01:00
pending-sample.h	pulse-server: wait for pending_sample to complete	2022-02-21 08:57:15 +01:00
pulse-server.c	pulse-server: destroy modules first	2022-06-09 03:02:06 +02:00
pulse-server.h	pulse-server: add missing forward declarations	2021-06-25 03:24:00 +02:00
quirks.c	conf: move rule matching to config	2022-02-04 10:43:31 +01:00
quirks.h	pipewire-pulse: implement simple quirk database	2021-06-30 17:17:36 +02:00
remap.c	pulse-server: also remap module property keys and values	2022-02-04 15:15:42 +01:00
remap.h	pulse-server: also remap module property keys and values	2022-02-04 15:15:42 +01:00
reply.c	modules: add log topics to module-protocol-pulse	2021-09-28 09:35:39 +02:00
reply.h	pulse-server: split out reply, operation, client, stream	2021-06-25 03:23:27 +02:00
sample-play.c	remove the rate_match io	2022-03-29 09:57:49 +02:00
sample-play.h	remove the rate_match io	2022-03-29 09:57:49 +02:00
sample.c	modules: add log topics to module-protocol-pulse	2021-09-28 09:35:39 +02:00
sample.h	pulse-server: improve reference counting of samples	2021-12-26 19:37:41 +00:00
server.c	pulse-server: use config.ext for streams	2022-04-22 14:54:27 +02:00
server.h	pulse-server: support server config	2022-01-04 14:30:33 +01:00
stream.c	pulse-server: send STREAM_MOVED messages	2022-06-03 16:59:08 +02:00
stream.h	pulse-server: send STREAM_MOVED messages	2022-06-03 16:59:08 +02:00
utils.c	pulse-server: remove unused defines	2022-01-04 10:08:54 +01:00
utils.h	pulse-server: use `pid_t` where appropriate	2021-07-25 15:17:08 +02:00
volume.c	modules: add log topics to module-protocol-pulse	2021-09-28 09:35:39 +02:00
volume.h	pulse-server: split out volume handling	2021-06-25 03:23:01 +02:00