[PATCH] ASoC: es8316: Fix possible NULL pointer deref in es8316_disable_jack_detect()
sound/soc/soc-core.c: soc_remove_component() unconditionally calls snd_soc_component_set_jack(component, NULL, NULL); on any components being removed.
This means that on machines where the machine-driver does not provide a jack through snd_soc_component_set_jack() es8316_disable_jack_detect() will still get called and at this time es8316->jack will be NULL and the es8316->jack->status check in es8316_disable_jack_detect() will lead to a NULL pointer deref.
Fix this by checking for es8316->jack bein NULL at the start of es8316_disable_jack_detect() and turn the function into a no-op in that case.
Cc: russianneuromancer russianneuromancer@ya.ru Signed-off-by: Hans de Goede hdegoede@redhat.com --- sound/soc/codecs/es8316.c | 3 +++ 1 file changed, 3 insertions(+)
diff --git a/sound/soc/codecs/es8316.c b/sound/soc/codecs/es8316.c index f9ec5cf82599..1ce84f12a4cf 100644 --- a/sound/soc/codecs/es8316.c +++ b/sound/soc/codecs/es8316.c @@ -681,6 +681,9 @@ static void es8316_disable_jack_detect(struct snd_soc_component *component) { struct es8316_priv *es8316 = snd_soc_component_get_drvdata(component);
+ if (!es8316->jack) + return; /* Already disabled (or never enabled) */ + disable_irq(es8316->irq);
mutex_lock(&es8316->lock);
On Tue, 12 Jan 2021 11:17:25 +0100, Hans de Goede wrote:
sound/soc/soc-core.c: soc_remove_component() unconditionally calls snd_soc_component_set_jack(component, NULL, NULL); on any components being removed.
This means that on machines where the machine-driver does not provide a jack through snd_soc_component_set_jack() es8316_disable_jack_detect() will still get called and at this time es8316->jack will be NULL and the es8316->jack->status check in es8316_disable_jack_detect() will lead to a NULL pointer deref.
[...]
Applied to
https://git.kernel.org/pub/scm/linux/kernel/git/broonie/sound.git for-next
Thanks!
[1/1] ASoC: es8316: Fix possible NULL pointer deref in es8316_disable_jack_detect() commit: f2973a1de9d9890b6ac712fb1825d3449ee9cc93
All being well this means that it will be integrated into the linux-next tree (usually sometime in the next 24 hours) and sent to Linus during the next merge window (or sooner if it is a bug fix), however if problems are discovered then the patch may be dropped or reverted.
You may get further e-mails resulting from automated or manual testing and review of the tree, please engage with people reporting problems and send followup patches addressing any issues that are reported if needed.
If any updates are required or you are submitting further changes they should be sent as incremental updates against current git, existing patches will not be replaced.
Please add any relevant lists and maintainers to the CCs when replying to this mail.
Thanks, Mark
participants (2)
-
Hans de Goede -
Mark Brown