ALSA: compress: fix an integer overflow check - starfive-tech/linux.git - StarFive Tech Linux Kernel for VisionFive (JH7110) boards (mirror)

diff options

author	Dan Carpenter <dan.carpenter@oracle.com>	2014-07-16 10:37:04 +0400
committer	Takashi Iwai <tiwai@suse.de>	2014-07-16 17:27:03 +0400
commit	6217e5ede23285ddfee10d2e4ba0cc2d4c046205 (patch)
tree	568d58db520a580ce8070d55d695ec854d8d9bea /sound/pci
parent	892028acf020e5f9f8e8894b404400b360f5fe4f (diff)
download	linux-6217e5ede23285ddfee10d2e4ba0cc2d4c046205.tar.xz

ALSA: compress: fix an integer overflow check

I previously added an integer overflow check here but looking at it now, it's still buggy. The bug happens in snd_compr_allocate_buffer(). We multiply ".fragments" and ".fragment_size" and that doesn't overflow but then we save it in an unsigned int so it truncates the high bits away and we allocate a smaller than expected size. Fixes: b35cc8225845 ('ALSA: compress_core: integer overflow in snd_compr_allocate_buffer()') Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by: Takashi Iwai <tiwai@suse.de>

Diffstat (limited to 'sound/pci')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: