| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <TYCP286MB1188FAE2E2B98600F96A99BF8A849@TYCP286MB1188.JPNP286.PROD.OUTLOOK.COM>
Date: Tue, 26 Oct 2021 12:51:00 +0000
From: YE Chengfeng <cyeaa@...nect.ust.hk>
To: Takashi Iwai <tiwai@...e.de>
CC: "perex@...ex.cz" <perex@...ex.cz>,
"tiwai@...e.com" <tiwai@...e.com>,
"chihhao.chen@...iatek.com" <chihhao.chen@...iatek.com>,
"damien@...audio.com" <damien@...audio.com>,
"alsa-devel@...a-project.org" <alsa-devel@...a-project.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: 回复: 回复: [PATCH] sound/usb: fix null pointer dereference on pointer cs_desc
Got it.
Thanks so much.
-Chengfeng
-----邮件原件-----
发件人: Takashi Iwai <tiwai@...e.de>
发送时间: 2021年10月26日 14:11
收件人: YE Chengfeng <cyeaa@...nect.ust.hk>
抄送: perex@...ex.cz; tiwai@...e.com; chihhao.chen@...iatek.com; damien@...audio.com; alsa-devel@...a-project.org; linux-kernel@...r.kernel.org
主题: Re: 回复: [PATCH] sound/usb: fix null pointer dereference on pointer cs_desc
On Sun, 24 Oct 2021 13:20:48 +0200,
YE Chengfeng wrote:
>
> Hi,
>
> I found another potential null-ptr-dereference problem in this file,
> and not sure whether it is true. I send this patch to you just for
> reference, thinks a lot if you could spare some time to look at it.
The Fixes tag doesn't look correct (the code before the refactoring also didn't have NULL checks), so applied without it now.
thanks,
Takashi
>
> Thanks so much,
> Chengfeng
> ----------------------------------------------------------------------
> --------
> 发件人: YE Chengfeng <cyeaa@...nect.ust.hk>
> 发送时间: 2021年10月24日 19:17
> 收件人: perex@...ex.cz <perex@...ex.cz>; tiwai@...e.com <tiwai@...e.com>;
> chihhao.chen@...iatek.com <chihhao.chen@...iatek.com>;
> damien@...audio.com <damien@...audio.com>
> 抄送: alsa-devel@...a-project.org <alsa-devel@...a-project.org>;
> linux-kernel@...r.kernel.org <linux-kernel@...r.kernel.org>; YE
> Chengfeng <cyeaa@...nect.ust.hk>
> 主题: [PATCH] sound/usb: fix null pointer dereference on pointer cs_desc
>
> The pointer cs_desc return from snd_usb_find_clock_source could be
> null, so there is a potential null pointer dereference issue.
> Fix this by adding a null check before dereference.
>
> Fixes: 9ec73005 ("ALSA: usb-audio: Refactoring UAC2/3 clock setup
> code")
> Signed-off-by: Chengfeng Ye <cyeaa@...nect.ust.hk>
> ---
> sound/usb/clock.c | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/sound/usb/clock.c b/sound/usb/clock.c index
> 81d5ce07d548..98345a695dcc 100644
> --- a/sound/usb/clock.c
> +++ b/sound/usb/clock.c
> @@ -496,6 +496,10 @@ int snd_usb_set_sample_rate_v2v3(struct
> snd_usb_audio *chip,
> union uac23_clock_source_desc *cs_desc;
>
> cs_desc = snd_usb_find_clock_source(chip, clock,
> fmt->protocol);
> +
> + if (!cs_desc)
> + return 0;
> +
> if (fmt->protocol == UAC_VERSION_3)
> bmControls = le32_to_cpu(cs_desc->v3.bmControls);
> else
> --
> 2.17.1
>
>
Powered by blists - more mailing lists