
30 Apr 2020, 7:44 p.m.
On Thu, 30 Apr 2020 18:34:02 +0200, Serge Belyshev wrote:
> ...
> > This patch addresses those possible buffer overflow accesses by simply setting the upper limit per the given buffer size for each plugin before src_frames() and after dst_frames() calls.
>
> Hi!
>
> This patch breaks any output via oss interface, as evident by "mpv --ao=oss somefile.mp3" or "mpg123 -o oss somefile.mp3" or just "cat /dev/urandom > /dev/dsp", which worked previously in kernel version 5.5 but not any longer starting with 5.6.
>
> It appears here that plugin->buf_frames is zero which results in ENXIO returned to userspace.

The fix is already in sound git tree, and will be in the next pull request to 5.7-rc4.
thanks,
Takashi