[alsa-devel] [PATCH] alsa-lib: pcm: segmentation fault snd_pcm_open

Markus Seeber markus.seeber at spectralbird.de
Fri Dec 8 15:19:55 CET 2017


Previously, calling snd_pcm_open with a null pointer argument for
"name" caused a segmentation fault in snd_config_search_definition.
The segmentation fault resulted from invoking undefined behavior by
calling strchr with a null pointer argument.

The issue can be reproduced by passing a null pointer for "name" to
snd_pcm_open.

To prevent this instance of strchr from being invoked with a null
pointer argument, snd_config_search_definition now returns EINVAL if
argument "name" is a null pointer.

Signed-off-by: Markus Seeber <markus.seeber at spectralbird.de>
---
 src/conf.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/conf.c b/src/conf.c
index e71bb972..e04b575b 100644
--- a/src/conf.c
+++ b/src/conf.c
@@ -5078,6 +5078,8 @@ int snd_config_search_definition(snd_config_t *config,
 {
 	snd_config_t *conf;
 	char *key;
+	if(name == NULL)
+		return -EINVAL;
 	const char *args = strchr(name, ':');
 	int err;
 	if (args) {
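
Review bot: The new NULL check sits between `char *key;` and `const char *args = strchr(name, ':');`, so the declarations of `args` and `err` now follow a statement, which triggers -Wdeclaration-after-statement and breaks the declarations-first layout the function otherwise uses. Declare `const char *args;` alongside `int err;` first, then do the check, then assign `args = strchr(name, ':');`. The check is also written `if(name == NULL)` without a space after `if`, unlike the `if (args) {` a few lines below. Finally, the commit message says the function returns EINVAL while the code returns `-EINVAL`; the message should match the negative value.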
-- 
2.15.1


