[PATCH] firewire: cdev: fix potential leak of kernel stack due to uninitialized value

Takashi Iwai tiwai at suse.de
Tue Jun 14 15:07:46 CEST 2022


On Tue, 14 Jun 2022 14:30:36 +0200,
Takashi Sakamoto wrote:
> 
> Hi Iwai-san,
> 
> I have a moderate request to you for the patch which fixes an issue
> included in v5.19-rc1. If it's applicable and I can borrow your help
> again, I'd like you to send the patch to mainline via your tree.

Do you have the lore URL I can get a patch from?

> If possible, it's preferable to apply additional three patches I
> respun[1], but it could be optional since not so critical.
> 
> [1] https://lore.kernel.org/alsa-devel/20220512111756.103008-1-o-takashi@sakamocchi.jp/

I can merge those, but now looking at the patches, I'm afraid that the
patch 2 ("firewire: use struct_size over open coded arithmetic") is
wrong; struct_size() takes the number of elements, and the element
type is u32, hence you're allocating 4 times as much data with that
patch.


thanks,

Takashi
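
An added example, not part of the original message or the patch under discussion: a userspace model of the sizing mistake described above. The struct `demo_event`, the helper `model_struct_size()` and the macro `DEMO_STRUCT_SIZE()` are hypothetical stand-ins, and the example assumes the open-coded size added a payload length expressed in bytes; the model mirrors the kernel's documented behaviour of `struct_size()` returning SIZE_MAX on overflow.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical layout: fixed header followed by a flexible array of u32. */
struct demo_event {
    uint32_t type;
    uint32_t length;   /* payload length in BYTES (assumption) */
    uint32_t data[];
};

/* Model of struct_size(): header + count * sizeof(element),
 * saturating to SIZE_MAX if the multiplication or addition overflows. */
static size_t model_struct_size(size_t hdr, size_t elem, size_t count)
{
    size_t bytes, total;

    if (__builtin_mul_overflow(elem, count, &bytes) ||
        __builtin_add_overflow(hdr, bytes, &total))
        return SIZE_MAX;
    return total;
}

#define DEMO_STRUCT_SIZE(type, member, count) \
    model_struct_size(sizeof(type), sizeof(((type *)0)->member[0]), (count))

/* Open-coded arithmetic: the length is already a byte count. */
static size_t open_coded(size_t payload_bytes)
{
    return sizeof(struct demo_event) + payload_bytes;
}

/* Mistaken conversion: the byte count is passed as the element count,
 * so it is multiplied by sizeof(u32) a second time. */
static size_t wrong_conversion(size_t payload_bytes)
{
    return DEMO_STRUCT_SIZE(struct demo_event, data, payload_bytes);
}

/* Equivalent conversion: turn bytes into a u32 element count first. */
static size_t right_conversion(size_t payload_bytes)
{
    return DEMO_STRUCT_SIZE(struct demo_event, data,
                            payload_bytes / sizeof(uint32_t));
}

int main(void)
{
    size_t n = 512; /* constructed sample payload length in bytes */

    printf("open-coded=%zu wrong=%zu right=%zu\n",
           open_coded(n), wrong_conversion(n), right_conversion(n));
    return 0;
}
```

The over-allocation is a waste of memory rather than an overflow, but the extra bytes are also uninitialized unless the allocation is zeroed, so any later copy that uses the inflated size would carry them along.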

