[PATCH] ALSA: pcm: oss: Avoid plugin buffer overflow
Takashi Iwai
tiwai at suse.de
Thu Apr 30 18:44:53 CEST 2020
On Thu, 30 Apr 2020 18:34:02 +0200,
Serge Belyshev wrote:
>
> > ...
> >
> > This patch addresses those possible buffer overflow accesses by simply
> > setting the upper limit per the given buffer size for each plugin
> > before src_frames() and after dst_frames() calls.
>
> Hi!
>
> This patch breaks any output via the oss interface, as evidenced by "mpv
> --ao=oss somefile.mp3" or "mpg123 -o oss somefile.mp3" or just "cat
> /dev/urandom > /dev/dsp", which worked previously in kernel version 5.5
> but not any longer starting with 5.6.
>
> It appears here that plugin->buf_frames is zero which results in ENXIO
> returned to userspace.

The fix is already in the sound git tree, and will be in the next pull
request to 5.7-rc4.

thanks,

Takashi