From 17240772255352079958d81939f5dffd4aae4224 Mon Sep 17 00:00:00 2001 From: Kieran Bingham Date: Thu, 17 Mar 2022 11:52:29 +0000 Subject: libcamera: camera: Ensure requests belong to the camera Requests are created by a Camera, and can only be queued to that specific Camera. Enforce this during the public API to prevent mis-use by incorrect applications. Reviewed-by: Umang Jain Reviewed-by: Laurent Pinchart Signed-off-by: Kieran Bingham --- src/libcamera/camera.cpp | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/src/libcamera/camera.cpp b/src/libcamera/camera.cpp index bb856d60..713543fd 100644 --- a/src/libcamera/camera.cpp +++ b/src/libcamera/camera.cpp @@ -23,6 +23,7 @@ #include "libcamera/internal/camera_controls.h" #include "libcamera/internal/formats.h" #include "libcamera/internal/pipeline_handler.h" +#include "libcamera/internal/request.h" /** * \file libcamera/camera.h @@ -1108,6 +1109,7 @@ std::unique_ptr Camera::createRequest(uint64_t cookie) * \return 0 on success or a negative error code otherwise * \retval -ENODEV The camera has been disconnected from the system * \retval -EACCES The camera is not running so requests can't be queued + * \retval -EXDEV The request does not belong to this camera * \retval -EINVAL The request is invalid * \retval -ENOMEM No buffer memory was available to handle the request */ @@ -1119,6 +1121,12 @@ int Camera::queueRequest(Request *request) if (ret < 0) return ret; + /* Requests can only be queued to the camera that created them. */ + if (request->_d()->camera() != this) { + LOG(Camera, Error) << "Request was not created by this camera"; + return -EXDEV; + } + /* * The camera state may change until the end of the function. No locking * is however needed as PipelineHandler::queueRequest() will handle -- cgit v1.2.1