[alsa-devel] [PATCH 0/4] Harden USB-audio parsers
Takashi Iwai
tiwai at suse.de
Tue Nov 21 17:33:50 CET 2017
Hi,
as recently spotted by syzkaller, the parser codes in USB audio driver
don't check the length of the descriptor unit before actually
accessing the extra field, which may lead to out-of-bound access
error. This patchset tries to address these by adding proper sanity
checks.
Takashi
===
Takashi Iwai (4):
ALSA: usb-audio: Add sanity checks to FE parser
ALSA: usb-audio: Fix potential out-of-bound access at parsing SU
ALSA: usb-audio: Fix potential zero-division at parsing FU
ALSA: usb-audio: Add sanity checks in v2 clock parsers
sound/usb/clock.c | 9 ++++++---
sound/usb/mixer.c | 19 ++++++++++++++++---
2 files changed, 22 insertions(+), 6 deletions(-)
--
2.15.0
More information about the Alsa-devel
mailing list