mirror of
https://github.com/Divested-Mobile/DivestOS-Build.git
synced 2024-10-01 05:35:54 +00:00
36 lines
1.5 KiB
Diff
36 lines
1.5 KiB
Diff
From 38ddb9427aa96bdfcdc5fe1877f439d2f7bdd87b Mon Sep 17 00:00:00 2001
|
|
From: vivek mehta <mvivek@codeaurora.org>
|
|
Date: Mon, 12 Sep 2016 17:27:06 -0700
|
|
Subject: [PATCH] ASoC: msm: initialize the params array before using it
|
|
|
|
The params array is used without initialization, which may cause
|
|
security issues. Initialize it as all zero after the definition.
|
|
|
|
bug: 30902162
|
|
Change-Id: If462fe3d82f139d72547f82dc7eb564f83cb35bf
|
|
Signed-off-by: vivek mehta <mvivek@codeaurora.org>
|
|
---
|
|
sound/soc/msm/qdsp6v2/msm-compr-q6-v2.c | 2 ++
|
|
1 file changed, 2 insertions(+)
|
|
|
|
diff --git a/sound/soc/msm/qdsp6v2/msm-compr-q6-v2.c b/sound/soc/msm/qdsp6v2/msm-compr-q6-v2.c
|
|
index cec79eaa81e4c..0d957246459ad 100644
|
|
--- a/sound/soc/msm/qdsp6v2/msm-compr-q6-v2.c
|
|
+++ b/sound/soc/msm/qdsp6v2/msm-compr-q6-v2.c
|
|
@@ -1036,6 +1036,7 @@ static int msm_compr_ioctl_shared(struct snd_pcm_substream *substream,
|
|
struct snd_dec_ddp *ddp =
|
|
&compr->info.codec_param.codec.options.ddp;
|
|
uint32_t params_length = 0;
|
|
+ memset(params_value, 0, MAX_AC3_PARAM_SIZE);
|
|
/* check integer overflow */
|
|
if (ddp->params_length > UINT_MAX/sizeof(int)) {
|
|
pr_err("%s: Integer overflow ddp->params_length %d\n",
|
|
@@ -1076,6 +1077,7 @@ static int msm_compr_ioctl_shared(struct snd_pcm_substream *substream,
|
|
struct snd_dec_ddp *ddp =
|
|
&compr->info.codec_param.codec.options.ddp;
|
|
uint32_t params_length = 0;
|
|
+ memset(params_value, 0, MAX_AC3_PARAM_SIZE);
|
|
/* check integer overflow */
|
|
if (ddp->params_length > UINT_MAX/sizeof(int)) {
|
|
pr_err("%s: Integer overflow ddp->params_length %d\n",
|