Re: [PATCH] ALSA: pcm: oss: Avoid plugin buffer overflow

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



> ...
>
> This patch addresses those possible buffer overflow accesses by simply
> setting the upper limit per the given buffer size for each plugin
> before src_frames() and after dst_frames() calls.

Hi!

This patch breaks any output via oss interface, as evident by "mpv
--ao=oss somefile.mp3" or "mpg123 -o oss somefile.mp3" or just "cat
/dev/urandom > /dev/dsp", which worked previously in kernel version 5.5
but not any longer starting with 5.6.

It appears here that plugin->buf_frames is zero which results in ENXIO
returned to userspace.

> ...
> --- a/sound/core/oss/pcm_plugin.c
> +++ b/sound/core/oss/pcm_plugin.c
> @@ -209,6 +209,8 @@ snd_pcm_sframes_t snd_pcm_plug_client_size(struct snd_pcm_substream *plug, snd_p
>  	if (stream == SNDRV_PCM_STREAM_PLAYBACK) {
>  		plugin = snd_pcm_plug_last(plug);
>  		while (plugin && drv_frames > 0) {
> +			if (drv_frames > plugin->buf_frames)
> +				drv_frames = plugin->buf_frames;
>  			plugin_prev = plugin->prev;
>  			if (plugin->src_frames)
>  				drv_frames = plugin->src_frames(plugin, drv_frames);
> ...



[Index of Archives]     [ALSA User]     [Linux Audio Users]     [Pulse Audio]     [Kernel Archive]     [Asterisk PBX]     [Photo Sharing]     [Linux Sound]     [Video 4 Linux]     [Gimp]     [Yosemite News]

  Powered by Linux