SPA: ensure that attempting to build an overly-large POD fails
Right now, attempting to build an overly large POD (more than 4 GiB, or in some code paths more than 2 GiB) causes integer overflows in various builder functions. Such attempts should fail instead.

A simple approach would be to add a flag, #define SPA_POD_BUILDER_FLAG_CORRUPTED (1 << 2), that is set by any operation that fails for any reason, integer overflow included. Most operations on a corrupted builder would do nothing and return an error. The only exceptions would be spa_pod_builder_push() and spa_pod_builder_pop(), which would have their usual effect on the frame chain (so callers can still unwind the containers they opened) but would preserve the builder's corrupted state; spa_pod_builder_pop() would return NULL when called on a corrupted builder. A new function would report whether a builder is corrupted, returning an error if it is and 0 otherwise.
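To make the proposal concrete, here is a toy builder loosely modelled on the SPA one (a buffer, a 32-bit write offset, and a chain of open frames whose sizes grow with every write). It is written for this issue and is not PipeWire code: the toy_ names, the flag value and the type id 14 are invented, and the real spa_pod_builder_* functions would need the equivalent checks applied to their own fields. Every place where a uint32_t can wrap is checked, a wrap marks the builder corrupted, later writes refuse, push/pop keep the frame chain consistent, and pop returns NULL once corrupted.

```c
#include <errno.h>
#include <stdint.h>
#include <string.h>

#define TOY_POD_BUILDER_FLAG_CORRUPTED (1u << 2)   /* invented for this sketch, not PipeWire's */
struct toy_pod { uint32_t size; uint32_t type; };   /* 8-byte header; size counts the body only */

struct toy_pod_frame {
	struct toy_pod pod;                /* running header of the open container */
	struct toy_pod_frame *parent;
	uint32_t offset;                   /* where that header was written */
};

struct toy_pod_builder {
	uint8_t *data;
	uint32_t size;                     /* buffer capacity */
	uint32_t offset;                   /* bytes emitted; may exceed size on a measuring run */
	uint32_t flags;
	struct toy_pod_frame *frame;       /* innermost open container */
};

/* The proposed query: 0 while the builder is usable, -EINVAL once any operation has failed. */
static int toy_pod_builder_is_corrupted(const struct toy_pod_builder *b)
{
	return (b->flags & TOY_POD_BUILDER_FLAG_CORRUPTED) ? -EINVAL : 0;
}

/* Append size bytes padded to 8. Overrunning the buffer is -ENOSPC and the offset still
 * advances so callers can measure; a uint32_t wrap anywhere sets the corrupted flag. */
static int toy_pod_builder_raw(struct toy_pod_builder *b, const void *data, uint32_t size)
{
	uint32_t padded, end;
	struct toy_pod_frame *f;
	if (toy_pod_builder_is_corrupted(b))
		return -EINVAL;
	if (__builtin_add_overflow(size, 7u, &padded))   /* (size + 7) & ~7 wraps for huge size */
		goto corrupt;
	padded &= ~7u;
	if (__builtin_add_overflow(b->offset, padded, &end))
		goto corrupt;
	/* Open frames grow too; a partial update is harmless because the builder is then corrupted. */
	for (f = b->frame; f; f = f->parent)
		if (__builtin_add_overflow(f->pod.size, padded, &f->pod.size))
			goto corrupt;
	if (end <= b->size) {
		memset(b->data + b->offset, 0, padded);      /* zero the padding bytes */
		if (data)
			memcpy(b->data + b->offset, data, size);
	}
	b->offset = end;
	return end <= b->size ? 0 : -ENOSPC;
corrupt:
	b->flags |= TOY_POD_BUILDER_FLAG_CORRUPTED;
	return -EINVAL;
}

/* Open a container: emit the header, then link the frame. Links even when corrupted. */
static int toy_pod_builder_push(struct toy_pod_builder *b, struct toy_pod_frame *frame, uint32_t type)
{
	int res;
	frame->pod = (struct toy_pod){ 0, type };
	frame->offset = b->offset;
	res = toy_pod_builder_raw(b, &frame->pod, sizeof(frame->pod));
	frame->parent = b->frame;
	b->frame = frame;
	return res;
}

/* Close a container: always unwind the chain; patch and return the header only when clean. */
static void *toy_pod_builder_pop(struct toy_pod_builder *b, struct toy_pod_frame *frame)
{
	struct toy_pod *pod;
	b->frame = frame->parent;
	if (toy_pod_builder_is_corrupted(b) || (uint64_t)frame->offset + sizeof(*pod) > b->size)
		return NULL;
	pod = (struct toy_pod *)(b->data + frame->offset);
	*pod = frame->pod;
	return pod;
}

/* Walks the behaviour requested above; returns 0, or the number of the first step that misbehaved. */
static int toy_pod_builder_demo(void)
{
	uint64_t storage[8];                                        /* 64 bytes, 8-byte aligned */
	struct toy_pod_builder b = { .data = (uint8_t *)storage, .size = sizeof(storage) };
	struct toy_pod_frame f;
	struct toy_pod *pod;
	int32_t v = 42;
	/* 1. A small nested write: the header receives its padded body size. */
	toy_pod_builder_push(&b, &f, 14 /* arbitrary type id */);
	if (toy_pod_builder_raw(&b, &v, sizeof(v)) != 0) return 1;
	if (!(pod = toy_pod_builder_pop(&b, &f)) || pod->size != 8 || pod->type != 14 || b.offset != 16) return 2;
	/* 2. Two 2 GiB elements: the first only overruns the buffer, the second would wrap the offset. */
	toy_pod_builder_push(&b, &f, 14);
	if (toy_pod_builder_raw(&b, NULL, 0x80000000u) != -ENOSPC || b.offset != 0x80000018u) return 3;
	if (toy_pod_builder_raw(&b, NULL, 0x80000000u) != -EINVAL || b.offset != 0x80000018u) return 4;
	/* 3. Corrupted: writes refuse, pop still unwinds but yields NULL, the flag survives. */
	if (toy_pod_builder_raw(&b, &v, sizeof(v)) != -EINVAL) return 5;
	if (toy_pod_builder_pop(&b, &f) != NULL || b.frame != NULL) return 6;
	return toy_pod_builder_is_corrupted(&b) == -EINVAL ? 0 : 7;
}
```

The distinction in toy_pod_builder_raw matters: running past the end of the buffer is a normal condition that the size-measuring idiom relies on, so it must keep advancing the offset and must not set the flag, whereas a wrapped offset or frame size can never be recovered from and is where the flag is set. Because pop checks the flag only after unlinking the frame, a caller that bails out on the first error can still pop every frame it pushed without leaving the chain dangling.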