[PATCH 5.15.y 0/1] Fix of CVE-2023-52904 for stable-5.15
Folowing is a backport of commit a474d4ad59cd ("ALSA: usb-audio: Fix possible NULL pointer dereference in snd_usb_pcm_has_fixed_rate()") to stable-5.15 branch which fixes broken commit bfd36b1d1869 ("ALSA: usb-audio: Always initialize fixed_rate in snd_usb_find_implicit_fb_sync_format()").
This was a clean pick and shouldn't be break anything. Basic smoke tests were performed on this patch.
Jaroslav Kysela (1): ALSA: usb-audio: Fix possible NULL pointer dereference in snd_usb_pcm_has_fixed_rate()
sound/usb/pcm.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)
From: Jaroslav Kysela perex@perex.cz
[ Upstream commit 92a9c0ad86d47ff4cce899012e355c400f02cfb8 ]
The subs function argument may be NULL, so do not use it before the NULL check.
Fixes: 291e9da91403 ("ALSA: usb-audio: Always initialize fixed_rate in snd_usb_find_implicit_fb_sync_format()") Reported-by: coverity-bot keescook@chromium.org Link: https://lore.kernel.org/alsa-devel/202301121424.4A79A485@keescook/ Signed-off-by: Jaroslav Kysela perex@perex.cz Link: https://lore.kernel.org/r/20230113085311.623325-1-perex@perex.cz Signed-off-by: Takashi Iwai tiwai@suse.de Signed-off-by: Sasha Levin sashal@kernel.org (cherry picked from commit a474d4ad59cd4642d1b7e3a6c08cef9eca0992c8) Signed-off-by: Harshvardhan Jha harshvardhan.j.jha@oracle.com --- sound/usb/pcm.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/sound/usb/pcm.c b/sound/usb/pcm.c index 580e2649641e4..737302cfede8f 100644 --- a/sound/usb/pcm.c +++ b/sound/usb/pcm.c @@ -160,11 +160,12 @@ find_substream_format(struct snd_usb_substream *subs, bool snd_usb_pcm_has_fixed_rate(struct snd_usb_substream *subs) { const struct audioformat *fp; - struct snd_usb_audio *chip = subs->stream->chip; + struct snd_usb_audio *chip; int rate = -1;
if (!subs) return false; + chip = subs->stream->chip; if (!(chip->quirk_flags & QUIRK_FLAG_FIXED_RATE)) return false; list_for_each_entry(fp, &subs->fmt_list, list) {
participants (1)
-
Harshvardhan Jha