[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20191203223427.350424112@linuxfoundation.org>
Date: Tue, 3 Dec 2019 23:31:10 +0100
From: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To: linux-kernel@...r.kernel.org
Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
stable@...r.kernel.org, Xiaojun Sang <xsang@...eaurora.org>,
Srinivas Kandagatla <srinivas.kandagatla@...aro.org>,
Vinod Koul <vkoul@...nel.org>, Mark Brown <broonie@...nel.org>,
Sasha Levin <sashal@...nel.org>
Subject: [PATCH 4.19 004/321] ASoC: compress: fix unsigned integer overflow check
From: Xiaojun Sang <xsang@...eaurora.org>
[ Upstream commit d3645b055399538415586ebaacaedebc1e5899b0 ]
Parameter fragments and fragment_size are type of u32. U32_MAX is
the correct check.
Signed-off-by: Xiaojun Sang <xsang@...eaurora.org>
Signed-off-by: Srinivas Kandagatla <srinivas.kandagatla@...aro.org>
Acked-by: Vinod Koul <vkoul@...nel.org>
Link: https://lore.kernel.org/r/20191021095432.5639-1-srinivas.kandagatla@linaro.org
Signed-off-by: Mark Brown <broonie@...nel.org>
Signed-off-by: Sasha Levin <sashal@...nel.org>
---
sound/core/compress_offload.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/sound/core/compress_offload.c b/sound/core/compress_offload.c
index 516ec35873256..509038d6bccdb 100644
--- a/sound/core/compress_offload.c
+++ b/sound/core/compress_offload.c
@@ -529,7 +529,7 @@ static int snd_compress_check_input(struct snd_compr_params *params)
{
/* first let's check the buffer parameter's */
if (params->buffer.fragment_size == 0 ||
- params->buffer.fragments > INT_MAX / params->buffer.fragment_size ||
+ params->buffer.fragments > U32_MAX / params->buffer.fragment_size ||
params->buffer.fragments == 0)
return -EINVAL;
--
2.20.1
Powered by blists - more mailing lists