lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <20201028142001.22431-1-srinivas.kandagatla@linaro.org>
Date:   Wed, 28 Oct 2020 14:20:01 +0000
From:   Srinivas Kandagatla <srinivas.kandagatla@...aro.org>
To:     broonie@...nel.org
Cc:     perex@...ex.cz, alsa-devel@...a-project.org,
        linux-kernel@...r.kernel.org, lgirdwood@...il.com,
        Srinivas Kandagatla <srinivas.kandagatla@...aro.org>,
        Colin Ian King <colin.king@...onical.com>
Subject: [PATCH] ASoC: qcom: sm8250: Fix array out of bounds access

Static analysis Coverity had detected a potential array out-of-bounds
write issue due to the fact that MAX AFE port Id was set to 16 instead
of using AFE_PORT_MAX macro.

Fix this by properly using AFE_PORT_MAX macro.

Fixes: aa2e2785545a ("ASoC: qcom: sm8250: add sound card qrb5165-rb5 support")
Reported-by: Colin Ian King <colin.king@...onical.com>
Signed-off-by: Srinivas Kandagatla <srinivas.kandagatla@...aro.org>
---
 sound/soc/qcom/sm8250.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/sound/soc/qcom/sm8250.c b/sound/soc/qcom/sm8250.c
index 7d43de6d909f..52c40512102f 100644
--- a/sound/soc/qcom/sm8250.c
+++ b/sound/soc/qcom/sm8250.c
@@ -13,12 +13,11 @@
 
 #define DRIVER_NAME		"sm8250"
 #define MI2S_BCLK_RATE		1536000
-#define MAX_SDW_STREAMS		16
 
 struct sm8250_snd_data {
-	bool stream_prepared[MAX_SDW_STREAMS];
+	bool stream_prepared[AFE_PORT_MAX];
 	struct snd_soc_card *card;
-	struct sdw_stream_runtime *sruntime[MAX_SDW_STREAMS];
+	struct sdw_stream_runtime *sruntime[AFE_PORT_MAX];
 };
 
 static int sm8250_be_hw_params_fixup(struct snd_soc_pcm_runtime *rtd,
-- 
2.21.0

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ