[alsa-devel] [PATCH (alsa-lib)] pcm_hw: Fix buffer overflow in chmap
David Henningsson
david.henningsson at canonical.com
Mon Jun 10 16:42:47 CEST 2013
We can't calculate memory storage in bytes, when we're supposed
to store ints in it!
Signed-off-by: David Henningsson <david.henningsson at canonical.com>
---
src/pcm/pcm_hw.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/pcm/pcm_hw.c b/src/pcm/pcm_hw.c
index 196393d..9ff83a9 100644
--- a/src/pcm/pcm_hw.c
+++ b/src/pcm/pcm_hw.c
@@ -1187,7 +1187,7 @@ static snd_pcm_chmap_t *snd_pcm_hw_get_chmap(snd_pcm_t *pcm)
snd_pcm_state_name(FAST_PCM_STATE(hw)));
return NULL;
}
- map = malloc(pcm->channels + 1);
+ map = malloc(pcm->channels * sizeof(map->pos[0]) + sizeof(*map));
if (!map)
return NULL;
map->channels = pcm->channels;
--
1.8.1.2
More information about the Alsa-devel
mailing list