Previously, calling snd_pcm_open with a null pointer argument for "name" caused a segmentation fault in snd_config_search_definition. The segmentation fault resulted from invoking undefined behavior by calling strchr with a null pointer argument.
The issue can be reproduced by passing a null pointer for "name" to snd_pcm_open.
To prevent this instance of strchr to be invoked with a null pointer argument, snd_config_search_definition now returns EINVAL if argument "name" is a null pointer.
Signed-off-by: Markus Seeber markus.seeber@spectralbird.de --- src/conf.c | 2 ++ 1 file changed, 2 insertions(+)
diff --git a/src/conf.c b/src/conf.c index e71bb972..e04b575b 100644 --- a/src/conf.c +++ b/src/conf.c @@ -5078,6 +5078,8 @@ int snd_config_search_definition(snd_config_t *config, { snd_config_t *conf; char *key; + if(name == NULL) + return -EINVAL; const char *args = strchr(name, ':'); int err; if (args) {