Commit 3788210
ASoC: hdac_hda: fix hda pcm buffer overflow issue
When KASAN is enabled, below log might be dumped with Intel EHL hardware:
[ 48.583597] ==================================================================
[ 48.585921] BUG: KASAN: slab-out-of-bounds in hdac_hda_dai_hw_params+0x20a/0x22b [snd_soc_hdac_hda]
[ 48.587995] Write of size 4 at addr ffff888103489708 by task pulseaudio/759
[ 48.589237] CPU: 2 PID: 759 Comm: pulseaudio Tainted: G U E 5.15.71-intel-ese-standard-lts #9
[ 48.591272] Hardware name: Intel Corporation Elkhart Lake Embedded Platform/ElkhartLake LPDDR4x T3 CRB, BIOS EHLSFWI1.R00.4251.A01.2206130432 06/13/2022
[ 48.593010] Call Trace:
[ 48.593648] <TASK>
[ 48.593852] dump_stack_lvl+0x34/0x48
[ 48.594404] print_address_description.constprop.0+0x1f/0x140
[ 48.595174] ? hdac_hda_dai_hw_params+0x20a/0x22b [snd_soc_hdac_hda]
[ 48.595868] ? hdac_hda_dai_hw_params+0x20a/0x22b [snd_soc_hdac_hda]
[ 48.596519] kasan_report.cold+0x7f/0x11b
[ 48.597003] ? hdac_hda_dai_hw_params+0x20a/0x22b [snd_soc_hdac_hda]
[ 48.597885] hdac_hda_dai_hw_params+0x20a/0x22b [snd_soc_hdac_hda]
HDAC_LAST_DAI_ID is last index id, pcm buffer array size should
be +1 to avoid out of bound access.
Fixes: 608b8c3 ("ASoC: hdac_hda: add support for HDMI/DP as a HDA codec")
Reviewed-by: Kai Vehmanen <[email protected]>
Reviewed-by: Pierre-Louis Bossart <[email protected]>
Signed-off-by: Junxiao Chang <[email protected]>
Signed-off-by: Furong Zhou <[email protected]>
Link: https://lore.kernel.org/r/[email protected]
Signed-off-by: Mark Brown <[email protected]>1 parent 7c0f8f1 commit 3788210
1 file changed
+2
-2
lines changed| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
14 | 14 | | |
15 | 15 | | |
16 | 16 | | |
17 | | - | |
| 17 | + | |
18 | 18 | | |
19 | 19 | | |
20 | 20 | | |
| |||
24 | 24 | | |
25 | 25 | | |
26 | 26 | | |
27 | | - | |
| 27 | + | |
28 | 28 | | |
29 | 29 | | |
30 | 30 | | |
| |||
0 commit comments