Superminaren
/
kvm
mirror of https://github.com/jetkvm/kvm.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add bounds check for Opus packets in Go layer 

Validate packet size <= 1500 bytes before passing to C code to provide
defense-in-depth alongside existing C-layer validation.
This commit is contained in:
Alex P 2025-11-18 01:22:15 +02:00
parent 6a7f9e9996
commit 437a63d7d4
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
internal/audio/cgo_source.go
View File

@ -214,6 +214,10 @@ func (c *CgoSource) WriteMessage(msgType uint8, payload []byte) error {
return nil return nil
} }
if len(payload) > 1500 {
return fmt.Errorf("opus packet too large: %d bytes (max 1500)", len(payload))
}
rc := C.jetkvm_audio_decode_write(unsafe.Pointer(&payload[0]), C.int(len(payload))) rc := C.jetkvm_audio_decode_write(unsafe.Pointer(&payload[0]), C.int(len(payload)))
if rc < 0 { if rc < 0 {
return fmt.Errorf("jetkvm_audio_decode_write failed: %d", rc) return fmt.Errorf("jetkvm_audio_decode_write failed: %d", rc)