diff options
| author | Michał Mirosław <mirq-linux@rere.qmqm.pl> | 2020-06-08 18:50:39 +0200 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2020-06-22 09:05:03 +0200 |
| commit | ef1e0bfce4b46b3d378fc49e4b32a36e7fe4595f (patch) | |
| tree | 6cb609437ba01a8c7d0e528c83ea9ccba6a26197 /sound | |
| parent | 7c3261d8bc343a20c748b6a9fcb51218167cba45 (diff) | |
| download | linux-stable-ef1e0bfce4b46b3d378fc49e4b32a36e7fe4595f.tar.gz linux-stable-ef1e0bfce4b46b3d378fc49e4b32a36e7fe4595f.tar.bz2 linux-stable-ef1e0bfce4b46b3d378fc49e4b32a36e7fe4595f.zip | |
ALSA: pcm: disallow linking stream to itself
commit 951e2736f4b11b58dc44d41964fa17c3527d882a upstream.
Prevent SNDRV_PCM_IOCTL_LINK linking stream to itself - the code
can't handle it. Fixed commit is not where bug was introduced, but
changes the context significantly.
Cc: stable@vger.kernel.org
Fixes: 0888c321de70 ("pcm_native: switch to fdget()/fdput()")
Signed-off-by: Michał Mirosław <mirq-linux@rere.qmqm.pl>
Link: https://lore.kernel.org/r/89c4a2487609a0ed6af3ecf01cc972bdc59a7a2d.1591634956.git.mirq-linux@rere.qmqm.pl
Signed-off-by: Takashi Iwai <tiwai@suse.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'sound')
| -rw-r--r-- | sound/core/pcm_native.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/sound/core/pcm_native.c b/sound/core/pcm_native.c index f03ceaff75b5..7c12b0deb4eb 100644 --- a/sound/core/pcm_native.c +++ b/sound/core/pcm_native.c @@ -1982,6 +1982,11 @@ static int snd_pcm_link(struct snd_pcm_substream *substream, int fd) } pcm_file = f.file->private_data; substream1 = pcm_file->substream; + if (substream == substream1) { + res = -EINVAL; + goto _badf; + } + group = kmalloc(sizeof(*group), GFP_KERNEL); if (!group) { res = -ENOMEM; |