Minki/linux
1
0
Fork 1
mirror of https://github.com/torvalds/linux.git synced 2024-09-21 15:33:19 +00:00
Code Issues Packages Projects Releases Wiki Activity
4cc8d6505a
linux/sound
History
Takashi Iwai 4cc8d6505a ALSA: pcm: oss: Avoid potential buffer overflows 
syzkaller reported an invalid access in PCM OSS read, and this seems
to be an overflow of the internal buffer allocated for a plugin.
Since the rate plugin adjusts its transfer size dynamically, the
calculation for the chained plugin might be bigger than the given
buffer size in some extreme cases, which lead to such an buffer
overflow as caught by KASAN.

Fix it by limiting the max transfer size properly by checking against
the destination size in each plugin transfer callback.

Reported-by: syzbot+f153bde47a62e0b05f83@syzkaller.appspotmail.com
Cc: <stable@vger.kernel.org>
Link: https://lore.kernel.org/r/20191204144824.17801-1-tiwai@suse.de
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2019-12-04 15:51:30 +01:00
..
ac97 ALSA: ac97: Fix double free of ac97_codec_device 2019-07-23 14:16:11 +02:00
aoa ALSA: aoa: Avoid non-standard macro usage 2019-11-06 15:47:43 +01:00
arm ASoC: pxa: remove snd_pcm_ops 2019-10-08 13:47:20 +01:00
atmel treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
core ALSA: pcm: oss: Avoid potential buffer overflows 2019-12-04 15:51:30 +01:00
drivers ALSA: aloop: Avoid pointer dereference before null-check 2019-11-27 12:16:00 +01:00
firewire Merge branch 'for-linus' into for-next 2019-11-07 16:27:55 +01:00
hda ALSA: hda: Modify stream stripe mask only when needed 2019-12-03 07:46:30 +01:00
i2c ALSA: i2c: ak4xxx-adda: Fix a possible null pointer dereference in build_adc_controls() 2019-07-26 14:25:37 +02:00
isa ALSA: cs4236: fix error return comparison of an unsigned integer 2019-11-22 14:21:27 +01:00
mips ALSA: mips: Convert to the common vmalloc memalloc 2019-11-06 15:47:43 +01:00
oss sound: dmasound_atari: Mark expected switch fall-through 2019-07-30 09:36:13 +02:00
parisc treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 176 2019-05-30 11:29:19 -07:00
pci ALSA: hda: hdmi - Keep old slot assignment behavior for Intel platforms 2019-12-03 20:33:05 +01:00
pcmcia ALSA: pdaudiocf: Convert to the common vmalloc memalloc 2019-11-06 15:47:42 +01:00
ppc ALSA: ps3: Remove Unneeded variable: "ret" 2019-07-10 11:53:31 +02:00
sh ALSA: sh: Remove superfluous snd_dma_continuous_data() 2019-11-06 15:47:41 +01:00
soc ASoC: More updates for v5.5 2019-11-25 14:27:41 +01:00
sparc ALSA: sparc: Remove superfluous snd_dma_continuous_data() 2019-11-06 15:47:41 +01:00
spi treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
synth treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
usb ALSA: usb-audio: Fix Focusrite Scarlett 6i6 gen1 - input handling 2019-11-25 16:49:35 +01:00
x86 ALSA: intel_hdmi: Remove dev_err() on platform_get_irq() failure 2019-10-25 14:43:23 +02:00
xen ASoC: Updates for v5.3 2019-07-08 14:45:34 +02:00
ac97_bus.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
Kconfig treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
last.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
Makefile
sound_core.c sound: fix a memory leak bug 2019-08-08 08:18:32 +02:00