On Fri, Aug 27, 2021 at 08:05:00AM +0200, Takashi Iwai wrote:
> On Fri, 27 Aug 2021 02:48:21 +0200,
> Zubin Mithra wrote:
> >
> > Syzkaller reported a divide error in snd_pcm_lib_ioctl. fifo_size
> > is of type snd_pcm_uframes_t(unsigned long). If frame_size
> > is 0x100000000, the error occurs.
> >
> > Fixes: a9960e6a293e ("ALSA: pcm: fix fifo_size frame calculation")
> > Signed-off-by: Zubin Mithra <zsm@xxxxxxxxxxxx>
> > ---
> > sound/core/pcm_lib.c | 2 +-
> > 1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/sound/core/pcm_lib.c b/sound/core/pcm_lib.c
> > index 7d5883432085..e41b4e01aa37 100644
> > --- a/sound/core/pcm_lib.c
> > +++ b/sound/core/pcm_lib.c
> > @@ -1746,7 +1746,7 @@ static int snd_pcm_lib_ioctl_fifo_size(struct snd_pcm_substream *substream,
> > channels = params_channels(params);
> > frame_size = snd_pcm_format_size(format, channels);
> > if (frame_size > 0)
> > - params->fifo_size /= (unsigned)frame_size;
> > + params->fifo_size /= (unsigned long)frame_size;
>
> I guess we can drop the cast completely, instead?
> It'd be less ugliness.
Sounds good, thanks, I've sent out a v2.
>
>
> Thanks!
>
> Takashi
