[PATCH v3 1/4] ALSA: pcm: unconditionally check if appl_ptr is in 0..boundary range
Takashi Iwai
tiwai at suse.de
Sun Oct 17 09:43:49 CEST 2021
On Fri, 15 Oct 2021 21:59:29 +0200,
Pierre-Louis Bossart wrote:
>
> In some cases, the appl_ptr passed by userspace is not checked before
> being used. This patch adds an unconditional check and returns an
> error code should the appl_ptr exceed the ALSA 'boundary'.
>
> Suggested-by: Takashi Iwai <tiwai at suse.de>
> Signed-off-by: Pierre-Louis Bossart <pierre-louis.bossart at linux.intel.com>
> Reviewed-by: Ranjani Sridharan <ranjani.sridharan at linux.intel.com>
> Reviewed-by: Kai Vehmanen <kai.vehmanen at intel.com>
Reviewed-by: Takashi Iwai <tiwai at suse.de>
thanks,
Takashi
> ---
> sound/core/pcm_lib.c | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/sound/core/pcm_lib.c b/sound/core/pcm_lib.c
> index a144a3f68e9e..ec53a3e7cf35 100644
> --- a/sound/core/pcm_lib.c
> +++ b/sound/core/pcm_lib.c
> @@ -2132,6 +2132,9 @@ int pcm_lib_apply_appl_ptr(struct snd_pcm_substream *substream,
> if (old_appl_ptr == appl_ptr)
> return 0;
>
> + if (appl_ptr >= runtime->boundary)
> + return -EINVAL;
> +
> runtime->control->appl_ptr = appl_ptr;
> if (substream->ops->ack) {
> ret = substream->ops->ack(substream);
> --
> 2.25.1
>
More information about the Alsa-devel
mailing list