| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <1526594939-21084-1-git-send-email-ruslan.bilovol@gmail.com>
Date: Fri, 18 May 2018 01:08:59 +0300
From: Ruslan Bilovol <ruslan.bilovol@...il.com>
To: Takashi Iwai <tiwai@...e.com>
Cc: Dan Carpenter <dan.carpenter@...cle.com>,
alsa-devel@...a-project.org, linux-kernel@...r.kernel.org
Subject: [PATCH] ALSA: usb: stream: fix potential memory leak during uac3 interface parsing
UAC3 channel map is created during interface parsing,
and in some cases was not freed in failure paths.
Reported-by: Dan Carpenter <dan.carpenter@...cle.com>
Signed-off-by: Ruslan Bilovol <ruslan.bilovol@...il.com>
---
sound/usb/stream.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/sound/usb/stream.c b/sound/usb/stream.c
index bce3152..d16e1c2 100644
--- a/sound/usb/stream.c
+++ b/sound/usb/stream.c
@@ -982,13 +982,16 @@ static int parse_uac_endpoint_attributes(struct snd_usb_audio *chip,
dev_err(&dev->dev, "%u:%d : bogus bTerminalLink %d\n",
iface_no, altno, as->bTerminalLink);
+ kfree(chmap);
return NULL;
found_clock:
fp = audio_format_alloc_init(chip, alts, UAC_VERSION_3, iface_no,
altset_idx, altno, num_channels, clock);
- if (!fp)
+ if (!fp) {
+ kfree(chmap);
return ERR_PTR(-ENOMEM);
+ }
fp->chmap = chmap;
@@ -1009,6 +1012,7 @@ static int parse_uac_endpoint_attributes(struct snd_usb_audio *chip,
iface_no);
/* ok, let's parse further... */
if (snd_usb_parse_audio_format_v3(chip, fp, as, stream) < 0) {
+ kfree(fp->chmap);
kfree(fp->rate_table);
kfree(fp);
return NULL;
--
1.9.1
Powered by blists - more mailing lists