ALSA: hda/via: Avoid potential array out-of-bound in add_secret_dac_path()

[ Upstream commit b9cee506da2b7920b5ea02ccd8e78a907d0ee7aa ] snd_hda_get_connections() can return a negative error code. It may lead to accessing 'conn' array at a negative index. Found by Linux Verification Center (linuxtesting.org) with SVACE. Signed-off-by: Artemii Karasev <karasev@ispras.ru> Fixes: 30b4503378c9 ("ALSA: hda - Expose secret DAC-AA connection of some VIA codecs") Link: https://lore.kernel.org/r/20230119082259.3634-1-karasev@ispras.ru Signed-off-by: Takashi Iwai <tiwai@suse.de> Signed-off-by: Sasha Levin <sashal@kernel.org>
author: Artemii Karasev <karasev@ispras.ru> 2023-01-19 11:22:59 +0300
committer: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2023-02-22 14:50:23 +0300
commit: d6870f3800dbb212ae8433183ee82f566d067c6c (patch)
tree: ae4a19b67ba37c09ab4acdfd279821b0c7f5f31a /sound
parent: 412fddc09612a26b43e1a09baa537052f1f290cf (diff)
download: linux-d6870f3800dbb212ae8433183ee82f566d067c6c.tar.xz
1 files changed, 3 insertions, 0 deletions
diff --git a/sound/pci/hda/patch_via.c b/sound/pci/hda/patch_via.c
index 3edb4e25797d..4a74ccf7cf3e 100644
--- a/sound/pci/hda/patch_via.c
+++ b/sound/pci/hda/patch_via.c
@@ -821,6 +821,9 @@ static int add_secret_dac_path(struct hda_codec *codec)
 		return 0;
 	nums = snd_hda_get_connections(codec, spec->gen.mixer_nid, conn,
 				       ARRAY_SIZE(conn) - 1);
+	if (nums < 0)
+		return nums;
+
 	for (i = 0; i < nums; i++) {
 		if (get_wcaps_type(get_wcaps(codec, conn[i])) == AC_WID_AUD_OUT)
 			return 0;
author	Artemii Karasev <karasev@ispras.ru>	2023-01-19 11:22:59 +0300
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2023-02-22 14:50:23 +0300
commit	d6870f3800dbb212ae8433183ee82f566d067c6c (patch)
tree	ae4a19b67ba37c09ab4acdfd279821b0c7f5f31a /sound
parent	412fddc09612a26b43e1a09baa537052f1f290cf (diff)
download	linux-d6870f3800dbb212ae8433183ee82f566d067c6c.tar.xz