ALSA: emux: Avoid potential array out-of-bound in snd_emux_xg_control()

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



In snd_emux_control() method "snd_emux_port" can be passed with 
field chset.midi_mode == SNDRV_MIDI_MODE_XG. The "type" can be 
MIDI_CTL_PITCHBEND or MIDI_CTL_CHAN_PRESSURE.
It may lead to accessing 'control' array of size 128 with 
MIDI_CTL_PITCHBEND (0x80) or MIDI_CTL_CHAN_PRESSURE (0x82) index.
 
How can we prevent this? Would it be a good solution to place code like this 
before call snd_emux_xg_control()?
 
if (type == MIDI_CTL_PITCHBEND || type == MIDI_CTL_CHAN_PRESSURE){
    return;
}
 
Found by Linux Verification Center (linuxtesting.org) with SVACE.




[Index of Archives]     [ALSA User]     [Linux Audio Users]     [Pulse Audio]     [Kernel Archive]     [Asterisk PBX]     [Photo Sharing]     [Linux Sound]     [Video 4 Linux]     [Gimp]     [Yosemite News]

  Powered by Linux