linux/sound/usb
Takashi Iwai a3dd4d63ee ALSA: usb-audio: Fix out of bounds reads when finding clock sources
The current USB-audio driver code doesn't check bLength of each
descriptor when traversing for clock descriptors.  That is, when a
device provides a bogus descriptor with a shorter bLength, the driver
might hit out-of-bounds reads.

To address it, this patch adds sanity checks to the validator
functions for the clock descriptor traversal.  When the descriptor
length is shorter than expected, it's skipped in the loop.

For the clock source and clock multiplier descriptors, we can just
check bLength against the sizeof() of each descriptor type.
OTOH, the clock selector descriptor of UAC2 and UAC3 has an array
of bNrInPins elements and two more fields at its tail, hence those
have to be checked in addition to the sizeof() check.

Reported-by: Benoît Sevens <bsevens@google.com>
Cc: <stable@vger.kernel.org>
Link: https://lore.kernel.org/20241121140613.3651-1-bsevens@google.com
Link: https://patch.msgid.link/20241125144629.20757-1-tiwai@suse.de
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2024-11-25 15:48:22 +01:00
6fire ALSA: 6fire: Release resources at card release 2024-11-13 13:33:47 +01:00
bcd2000 ALSA: bcd2000: refactor deprecated strncpy 2023-07-29 13:53:56 +02:00
caiaq ALSA: caiaq: Use snd_card_free_when_closed() at disconnection 2024-11-13 13:33:47 +01:00
hiface ALSA: usb: Use *-y instead of *-objs in Makefile 2024-05-08 18:17:53 +02:00
line6 ALSA: line6: update contact information 2024-10-10 14:02:57 +02:00
misc ALSA: usb: Use *-y instead of *-objs in Makefile 2024-05-08 18:17:53 +02:00
usx2y ALSA: us122l: Drop mmap_count field 2024-11-13 13:33:47 +01:00
card.c ALSA: usb-audio: Add logitech Audio profile quirk 2024-09-12 18:01:25 +02:00
card.h ALSA: usb-audio: Add new quirk FIXED_RATE for JBL Quantum810 Wireless 2022-12-22 09:13:54 +01:00
clock.c ALSA: usb-audio: Fix out of bounds reads when finding clock sources 2024-11-25 15:48:22 +01:00
clock.h ALSA: usb-audio: Constify audioformat pointer references 2020-11-23 15:15:36 +01:00
endpoint.c ALSA: usb-audio: Check shutdown at endpoint_set_interface() 2024-08-08 11:16:15 +02:00
endpoint.h ALSA: usb-audio: Remove unused function declaration 2023-08-01 16:56:57 +02:00
format.c ALSA: usb-audio: Support multiple control interfaces 2024-08-12 16:17:46 +02:00
format.h ALSA: usb: initial USB Audio Device Class 3.0 support 2018-03-21 11:46:33 +01:00
helper.c ALSA: usb-audio: Support multiple control interfaces 2024-08-12 16:17:46 +02:00
helper.h ALSA: usb-audio: Support multiple control interfaces 2024-08-12 16:17:46 +02:00
implicit.c ALSA: usb-audio: Always initialize fixed_rate in snd_usb_find_implicit_fb_sync_format() 2023-01-09 16:05:21 +01:00
implicit.h ALSA: usb-audio: Add new quirk FIXED_RATE for JBL Quantum810 Wireless 2022-12-22 09:13:54 +01:00
Kconfig ALSA: usb-audio: USB MIDI 2.0 UMP support 2023-05-23 12:11:02 +02:00
Makefile ALSA: usb: Use *-y instead of *-objs in Makefile 2024-05-08 18:17:53 +02:00
media.c ALSA: pcm: Don't embed device 2023-08-17 09:23:45 +02:00
media.h media: sound/usb: Use Media Controller API to share media resources 2019-04-22 11:21:06 -04:00
midi2.c ALSA: usb-audio: Update UMP group attributes for GTB blocks, too 2024-08-07 11:31:38 +02:00
midi2.h ALSA: usb-audio: USB MIDI 2.0 UMP support 2023-05-23 12:11:02 +02:00
midi.c ALSA: usb-audio: Use standard print API 2024-08-08 07:49:47 +02:00
midi.h ALSA: usb-audio: Manage number of rawmidis globally 2023-05-23 12:11:00 +02:00
mixer_maps.c ALSA: usb-audio: Add quirk for Microsoft Modern Wireless Headset 2023-07-25 14:21:11 +02:00
mixer_quirks.c Merge branch 'for-linus' into for-next 2024-11-05 13:03:12 +01:00
mixer_quirks.h ALSA: usb-audio: Drop CONFIG_PM ifdefs 2021-12-06 10:19:40 +01:00
mixer_s1810c.c ALSA: usb-audio: remove redundant assignment to variable c 2022-02-08 08:21:32 +01:00
mixer_s1810c.h ALSA: usb-audio: Add support for Presonus Studio 1810c 2020-02-15 09:46:16 +01:00
mixer_scarlett2.c Merge branch 'topic/compress-accel' into for-next 2024-10-25 10:54:09 +02:00
mixer_scarlett2.h ALSA: scarlett2: Rename scarlett_gen2 to scarlett2 2023-10-27 11:22:59 +02:00
mixer_scarlett.c ALSA: usb-audio: Support multiple control interfaces 2024-08-12 16:17:46 +02:00
mixer_scarlett.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
mixer_us16x08.c ALSA: usb-audio: US16x08: Move overflow check before array access 2022-06-13 07:40:08 +02:00
mixer_us16x08.h ALSA: usb: Constify snd_kcontrol_new items 2020-01-03 09:24:34 +01:00
mixer.c ALSA: usb-audio: Make mic volume workarounds globally applicable 2024-11-05 13:03:52 +01:00
mixer.h ALSA: usb-audio: Add input value sanity checks for standard types 2024-08-06 18:27:08 +02:00
pcm.c ALSA: usb-audio: Fix broken resume due to UAC3 power state 2023-06-16 09:28:08 +02:00
pcm.h ALSA: usb-audio: Add new quirk FIXED_RATE for JBL Quantum810 Wireless 2022-12-22 09:13:54 +01:00
power.c ALSA: usb-audio: Support multiple control interfaces 2024-08-12 16:17:46 +02:00
power.h ALSA: usb-audio: Support multiple control interfaces 2024-08-12 16:17:46 +02:00
proc.c ALSA: usb-audio: Show sync endpoint information in proc outputs 2020-11-23 15:16:45 +01:00
proc.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
quirks-table.h Merge branch 'for-linus' into for-next 2024-11-18 14:39:29 +01:00
quirks.c ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices 2024-11-20 14:18:37 +01:00
quirks.h ALSA: usb-audio: Register card at the last interface 2022-09-06 11:04:56 +02:00
stream.c ALSA: usb-audio: Fix NULL pointer deref in snd_usb_power_domain_set() 2024-10-10 13:58:44 +02:00
stream.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
usbaudio.h ALSA: usb-audio: Make mic volume workarounds globally applicable 2024-11-05 13:03:52 +01:00
validate.c ALSA: usb-audio: Fix endianess in descriptor validation 2020-02-01 09:06:11 +01:00