forked from Minki/linux
ALSA: bebob: potential info leak in hwdep_read()
The "count" variable needs to be capped on every path so that we don't
copy too much information to the user.
Fixes: 618eabeae7
("ALSA: bebob: Add hwdep interface")
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Acked-by: Takashi Sakamoto <o-takashi@sakamocchi.jp>
Cc: <stable@vger.kernel.org>
Link: https://lore.kernel.org/r/20201007074928.GA2529578@mwanda
Signed-off-by: Takashi Iwai <tiwai@suse.de>
This commit is contained in:
parent
ca184355db
commit
b41c15f4e1
@ -36,12 +36,11 @@ hwdep_read(struct snd_hwdep *hwdep, char __user *buf, long count,
|
||||
}
|
||||
|
||||
memset(&event, 0, sizeof(event));
|
||||
count = min_t(long, count, sizeof(event.lock_status));
|
||||
if (bebob->dev_lock_changed) {
|
||||
event.lock_status.type = SNDRV_FIREWIRE_EVENT_LOCK_STATUS;
|
||||
event.lock_status.status = (bebob->dev_lock_count > 0);
|
||||
bebob->dev_lock_changed = false;
|
||||
|
||||
count = min_t(long, count, sizeof(event.lock_status));
|
||||
}
|
||||
|
||||
spin_unlock_irq(&bebob->lock);
|
||||
|
Loading…
Reference in New Issue
Block a user