diff options
| author | Artemii Karasev <karasev@ispras.ru> | 2023-01-19 00:22:59 -0800 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2023-02-09 11:28:01 +0100 |
| commit | f011360ad234a07cb6fbcc720fff646a93a9f0d6 (patch) | |
| tree | e6494936925a33c15ad8608cbcb5341ae6de38cd /sound | |
| parent | 6a199d556c0255a58023416ece1320305dd53c12 (diff) | |
| download | linux-stable-f011360ad234a07cb6fbcc720fff646a93a9f0d6.tar.gz linux-stable-f011360ad234a07cb6fbcc720fff646a93a9f0d6.tar.bz2 linux-stable-f011360ad234a07cb6fbcc720fff646a93a9f0d6.zip | |
ALSA: hda/via: Avoid potential array out-of-bound in add_secret_dac_path()
[ Upstream commit b9cee506da2b7920b5ea02ccd8e78a907d0ee7aa ]
snd_hda_get_connections() can return a negative error code.
It may lead to accessing 'conn' array at a negative index.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
Signed-off-by: Artemii Karasev <karasev@ispras.ru>
Fixes: 30b4503378c9 ("ALSA: hda - Expose secret DAC-AA connection of some VIA codecs")
Link: https://lore.kernel.org/r/20230119082259.3634-1-karasev@ispras.ru
Signed-off-by: Takashi Iwai <tiwai@suse.de>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Diffstat (limited to 'sound')
| -rw-r--r-- | sound/pci/hda/patch_via.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/sound/pci/hda/patch_via.c b/sound/pci/hda/patch_via.c index aea7fae2ca4b..2994f85bc1b9 100644 --- a/sound/pci/hda/patch_via.c +++ b/sound/pci/hda/patch_via.c @@ -819,6 +819,9 @@ static int add_secret_dac_path(struct hda_codec *codec) return 0; nums = snd_hda_get_connections(codec, spec->gen.mixer_nid, conn, ARRAY_SIZE(conn) - 1); + if (nums < 0) + return nums; + for (i = 0; i < nums; i++) { if (get_wcaps_type(get_wcaps(codec, conn[i])) == AC_WID_AUD_OUT) return 0; |