zoneid = mrp_zone_get_id(zone);
zonename = mrp_zone_get_name(zone);
- resources = audio->zones + zoneid;
- grantid = ++(audio->grantids[zoneid]);
+
+ /* We got a nonsense zone id */
+ if (zoneid >= MRP_ZONE_MAX) {
+ mrp_debug("invalid zoneid '%" PRIu32 "' is larger than MRP_ZONE_MAX (%d), "
+ "bailing", zoneid, MRP_ZONE_MAX);
+ return;
+ }
if (!zonename)
zonename = "<unknown>";
+ resources = audio->zones + zoneid;
+ grantid = ++(audio->grantids[zoneid]);
+
mrp_list_foreach_back(resources, rentry, rn) {
ar = mrp_list_entry(rentry, audio_resource_t, link);
zoneid = mrp_zone_get_id(zone);
zonename = mrp_zone_get_name(zone);
+
+ /* We got a nonsense zone id */
+ if (zoneid >= MRP_ZONE_MAX) {
+ mrp_debug("invalid zoneid '%" PRIu32 "' is larger than MRP_ZONE_MAX (%d), "
+ "bailing", zoneid, MRP_ZONE_MAX);
+ return;
+ }
+
resources = audio->zones + zoneid;
grantid = audio->grantids[zoneid];
zoneid = mrp_zone_get_id(zone);
zonename = mrp_zone_get_name(zone);
+ /* We got a nonsense zone id */
+ if (zoneid >= MRP_ZONE_MAX) {
+ mrp_debug("invalid zoneid '%" PRIu32 "' is larger than MRP_ZONE_MAX (%d), "
+ "bailing", zoneid, MRP_ZONE_MAX);
+ return;
+ }
+
if (!zonename)
zonename = "<unknown>";
MRP_ASSERT(zone && res && audio && audio->resmgr, "invalid argument");
zoneid = mrp_zone_get_id(zone);
+
+ /* We got a nonsense zone id */
+ if (zoneid >= MRP_ZONE_MAX) {
+ mrp_debug("invalid zoneid '%" PRIu32 "' is larger than MRP_ZONE_MAX (%d), "
+ "bailing", zoneid, MRP_ZONE_MAX);
+ return FALSE;
+ }
+
grantid = audio->grantids[zoneid];
if (!(zonename = mrp_zone_get_name(zone)))
zoneid = mrp_zone_get_id(zone);
+ /* We got a nonsense zone id */
+ if (zoneid >= MRP_ZONE_MAX) {
+ mrp_debug("invalid zoneid '%" PRIu32 "' is larger than MRP_ZONE_MAX (%d), "
+ "bailing", zoneid, MRP_ZONE_MAX);
+ return;
+ }
+
if (!(zonename = mrp_zone_get_name(zone)))
zonename = "<unknown>";