linux/sound/pci/hda
Bo Chen a3aa60d511 ALSA: hda - Handle kzalloc() failure in snd_hda_attach_pcm_stream()
When 'kzalloc()' fails in 'snd_hda_attach_pcm_stream()', a new pcm instance is
created without setting its operators via 'snd_pcm_set_ops()'. Following
operations on the new pcm instance can trigger kernel null pointer dereferences
and cause kernel oops.

This bug was found with my work on building a gray-box fault-injection tool for
linux-kernel-module binaries. A kernel null pointer dereference was confirmed
from line 'substream->ops->open()' in function 'snd_pcm_open_substream()' in
file 'sound/core/pcm_native.c'.

This patch fixes the bug by calling 'snd_device_free()' in the error handling
path of 'kzalloc()', which removes the new pcm instance from the snd card before
returns with an error code.

Signed-off-by: Bo Chen <chenbo@pdx.edu>
Cc: <stable@vger.kernel.org>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2018-06-01 09:38:54 +02:00
..
ca0132_regs.h ALSA: hda: ca0132_regs.h: Fix typo in include guard 2014-08-22 11:24:11 +02:00
dell_wmi_helper.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
hda_auto_parser.c ALSA: hda - Use a macro for snd_array iteration loops 2018-04-24 13:41:53 +02:00
hda_auto_parser.h ALSA: hda - Sort input pins depending on amp caps 2014-09-23 15:57:32 +02:00
hda_beep.c ALSA: hda-beep: add SPDX identifiers 2018-02-20 16:49:59 +01:00
hda_beep.h ALSA: hda-beep: add SPDX identifiers 2018-02-20 16:49:59 +01:00
hda_bind.c ALSA: hda: Fix forget to free resource in error handling code path in hda_codec_driver_probe 2017-09-04 17:33:53 +02:00
hda_codec.c ALSA: hda: use position offset macro of TLV data 2018-05-14 17:47:57 +02:00
hda_codec.h ALSA: hda: Fix regression of hdmi eld control created based on invalid pcm 2017-09-03 16:33:42 +02:00
hda_controller_trace.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
hda_controller.c ALSA: hda - Handle kzalloc() failure in snd_hda_attach_pcm_stream() 2018-06-01 09:38:54 +02:00
hda_controller.h ALSA: hda - Fix doubly initialization of i915 component 2017-06-30 08:58:53 +02:00
hda_eld.c ALSA: hda - Use snd_hdac namespace prefix for chmap exported APIs 2016-03-07 15:46:06 +01:00
hda_generic.c ALSA: hda: use position offset macro of TLV data 2018-05-14 17:47:57 +02:00
hda_generic.h ALSA: hda - Allow to enable/disable vmaster build explicitly 2017-04-10 17:45:27 +02:00
hda_hwdep.c ALSA: hda: Hardening for potential Spectre v1 2018-04-25 10:37:46 +02:00
hda_intel_trace.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
hda_intel.c ALSA: hda: Add Intel NUC5i7RY to the power_save blacklist 2018-05-29 10:01:13 +02:00
hda_intel.h vga_switcheroo: Use device link for HDA controller 2018-03-13 22:58:09 +01:00
hda_jack.c ALSA: hda - Fix bad dereference of jack object 2016-02-09 12:16:31 +01:00
hda_jack.h ALSA: hda - Fix bad dereference of jack object 2016-02-09 12:16:31 +01:00
hda_local.h ALSA: hda: Make use of core codec functions to sync power state 2018-02-12 13:59:48 +01:00
hda_proc.c ALSA: hda/proc - Fix racy string access for power states 2015-08-17 15:12:04 +02:00
hda_sysfs.c ALSA: hda - Use a macro for snd_array iteration loops 2018-04-24 13:41:53 +02:00
hda_tegra.c ALSA: hda/tegra: iomem fixups for sparse warnings 2016-06-22 15:19:10 +02:00
hp_x360_helper.c ALSA: hda/realtek - Fixup for HP x360 laptops with B&O speakers 2018-05-29 22:33:37 +02:00
Kconfig ALSA: hda - Enforce CONFIG_SND_DYNAMIC_MINORS for HDMI/DP codec 2018-05-02 09:08:16 +02:00
local.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
Makefile License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
patch_analog.c ALSA: hda: make snd_kcontrol_new const 2017-08-16 14:29:08 +02:00
patch_ca0110.c ALSA: hda - convert to hda_device_id 2015-10-20 10:15:20 +02:00
patch_ca0132.c ALSA: hda/ca0132: constify parameter table for effects 2018-05-15 18:05:30 +02:00
patch_cirrus.c ALSA: hda - Apply the existing quirk to iMac 14,1 2018-01-10 11:11:54 +01:00
patch_cmedia.c ALSA: hda - convert to hda_device_id 2015-10-20 10:15:20 +02:00
patch_conexant.c ALSA: hda/conexant - Add hp-mic-fix model string 2018-05-22 13:45:37 +02:00
patch_hdmi.c sound: Use octal not symbolic permissions 2018-05-28 11:27:20 +02:00
patch_realtek.c ALSA: hda/realtek - Enable mic-mute hotkey for several Lenovo AIOs 2018-05-30 07:49:00 +02:00
patch_si3054.c ALSA: hda: Constify hw_constraints 2017-06-09 10:42:52 +02:00
patch_sigmatel.c ALSA: hda: make snd_kcontrol_new const 2017-08-16 14:29:08 +02:00
patch_via.c ALSA: hda - convert to hda_device_id 2015-10-20 10:15:20 +02:00
thinkpad_helper.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00