ALSA: pcm: oss: Avoid potential buffer overflows - linux - Linux Kernel (branches are rebased on master from time to time)

diff options

author	Takashi Iwai <tiwai@suse.de>	2019-12-04 15:48:24 +0100
committer	Takashi Iwai <tiwai@suse.de>	2019-12-04 15:51:30 +0100
commit	4cc8d6505ab82db3357613d36e6c58a297f57f7c (patch)
tree	47516d45861f38b6a35029f906025922b0723ade /include
parent	643a2cc99b53c13d90c02dc344f780ba9a89e012 (diff)
download	linux-4cc8d6505ab82db3357613d36e6c58a297f57f7c.tar.bz2

ALSA: pcm: oss: Avoid potential buffer overflows

syzkaller reported an invalid access in PCM OSS read, and this seems to be an overflow of the internal buffer allocated for a plugin. Since the rate plugin adjusts its transfer size dynamically, the calculation for the chained plugin might be bigger than the given buffer size in some extreme cases, which lead to such an buffer overflow as caught by KASAN. Fix it by limiting the max transfer size properly by checking against the destination size in each plugin transfer callback. Reported-by: syzbot+f153bde47a62e0b05f83@syzkaller.appspotmail.com Cc: <stable@vger.kernel.org> Link: https://lore.kernel.org/r/20191204144824.17801-1-tiwai@suse.de Signed-off-by: Takashi Iwai <tiwai@suse.de>

Diffstat (limited to 'include')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: