| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20211214152530.23767-1-linmq006@gmail.com>
Date: Tue, 14 Dec 2021 15:25:30 +0000
From: Miaoqian Lin <linmq006@...il.com>
To: unlisted-recipients:; (no To-header on input)
Cc: linmq006@...il.com,
Srinivas Kandagatla <srinivas.kandagatla@...aro.org>,
Banajit Goswami <bgoswami@...eaurora.org>,
Liam Girdwood <lgirdwood@...il.com>,
Mark Brown <broonie@...nel.org>,
Jaroslav Kysela <perex@...ex.cz>,
Takashi Iwai <tiwai@...e.com>, alsa-devel@...a-project.org,
linux-kernel@...r.kernel.org
Subject: [PATCH] ASoC: wcd934x: Fix a incorrect use of kstrndup
In wcd934x_codec_enable_dec(), widget_name is allocated by kstrndup().
However, according to doc: "Note: Use kmemdup_nul() instead if the size
is known exactly." So we should use kmemdup_nul() here instead of
kstrndup(). It's similar to CVE-2019-12454.
Signed-off-by: Miaoqian Lin <linmq006@...il.com>
---
sound/soc/codecs/wcd934x.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/sound/soc/codecs/wcd934x.c b/sound/soc/codecs/wcd934x.c
index e63c6b723d76..c6677cfbce59 100644
--- a/sound/soc/codecs/wcd934x.c
+++ b/sound/soc/codecs/wcd934x.c
@@ -5005,7 +5005,7 @@ static int wcd934x_codec_enable_dec(struct snd_soc_dapm_widget *w,
char *dec;
u8 hpf_coff_freq;
- widget_name = kstrndup(w->name, 15, GFP_KERNEL);
+ widget_name = kmemdup_nul(w->name, 15, GFP_KERNEL);
if (!widget_name)
return -ENOMEM;
--
2.17.1
Powered by blists - more mailing lists