lisa/android_kernel_xiaomi_sm8350
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

asoc: check payload length against structure size

Browse Source 
Payload length must exceed structure size. Otherwise, it may
lead to out-of-boundary memory access.

Change-Id: I090de5116ab04a4ca2b9c485e17617fe9e861ad5
Signed-off-by: Xiaojun Sang <xsang@codeaurora.org>
This commit is contained in:
Xiaojun Sang 2019-01-17 15:45:13 +08:00 committed by Meng Wang
parent 74d9fedcb2
commit 4ccf051bef
1 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
asoc/msm-qti-pp-config.c
View File

@ -1,5 +1,5 @@
// SPDX-License-Identifier: GPL-2.0-only
/* Copyright (c) 2012-2018, The Linux Foundation. All rights reserved.
/* Copyright (c) 2012-2019, The Linux Foundation. All rights reserved.
*/
#include <linux/err.h>
@ -1172,6 +1172,13 @@ int msm_adsp_inform_mixer_ctl(struct snd_soc_pcm_runtime *rtd,
}
event_data = (struct msm_adsp_event_data *)payload;
if (event_data->payload_len < sizeof(struct msm_adsp_event_data)) {
pr_err("%s: event_data size of %x is less than expected.\n",
__func__, event_data->payload_len);
ret = -EINVAL;
goto done;
}
kctl->info(kctl, &kctl_info);
if (event_data->payload_len >