[alsa-devel] [PATCH] ALSA: pcm: Check for integer overflow during multiplication
Takashi Iwai
tiwai at suse.de
Tue May 28 07:47:35 CEST 2019
On Tue, 28 May 2019 07:27:03 +0200,
<bgoswami at codeaurora.org> wrote:
>
> From: Phani Kumar Uppalapati <phaniu at codeaurora.org>
>
> Channel info data structure is parsed from userspace and if
> the number of channels is not set correctly, it could lead
> to integer overflow when the number of channels is multiplied
> with pcm bit width. Add a condition to check for integer
> overflow during the multiplication operationi, and return error
> if overflow detected.
>
> Signed-off-by: Phani Kumar Uppalapati <phaniu at codeaurora.org>
> Signed-off-by: Banajit Goswami <bgoswami at codeaurora.org>
Did you really hit this?
The info->channel value is already checked in snd_pcm_channel_info()
before calling the ioctl ops, to the upper bound runtime->channels.
So it shouldn't overflow at the point you suggested.
thanks,
Takashi
More information about the Alsa-devel
mailing list