[alsa-devel] [PATCH] ALSA: firewire-lib: avoid NULL pointer dereference after closing MIDI port
Takashi Iwai
tiwai at suse.de
Mon Oct 19 12:02:41 CEST 2015
On Sun, 18 Oct 2015 15:58:37 +0200,
Takashi Sakamoto wrote:
>
> When asynchronous MIDI port is closed before callbacked, the callback
> function causes NULL pointer dereference to missing MIDI substream.
>
> This commit fixes this bug.
>
> Fixes: e8a40d9bcb23('ALSA: firewire-lib: schedule work again when MIDI substream has rest of MIDI messages')
> Reported-by: Dan Carpenter <dan.carpenter at oracle.com>
> Signed-off-by: Takashi Sakamoto <o-takashi at sakamocchi.jp>
Applied, thanks.
Takashi
> ---
> sound/firewire/lib.c | 6 +++++-
> 1 file changed, 5 insertions(+), 1 deletion(-)
>
> diff --git a/sound/firewire/lib.c b/sound/firewire/lib.c
> index edf1c8b..f80aafa 100644
> --- a/sound/firewire/lib.c
> +++ b/sound/firewire/lib.c
> @@ -74,7 +74,11 @@ static void async_midi_port_callback(struct fw_card *card, int rcode,
> struct snd_fw_async_midi_port *port = callback_data;
> struct snd_rawmidi_substream *substream = ACCESS_ONCE(port->substream);
>
> - if (rcode == RCODE_COMPLETE && substream != NULL)
> + /* This port is closed. */
> + if (substream == NULL)
> + return;
> +
> + if (rcode == RCODE_COMPLETE)
> snd_rawmidi_transmit_ack(substream, port->consume_bytes);
> else if (!rcode_is_permanent_error(rcode))
> /* To start next transaction immediately for recovery. */
> --
> 2.1.4
>
More information about the Alsa-devel
mailing list