Previously, calling snd_pcm_open with a null pointer argument for
"name" caused a segmentation fault in snd_config_search_definition.
The segmentation fault resulted from invoking undefined behavior by
calling strchr with a null pointer argument.
The issue can be reproduced by passing a null pointer for "name" to
snd_pcm_open.
To prevent this instance of strchr to be invoked with a null pointer
argument, snd_config_search_definition now returns EINVAL if argument
"name" is a null pointer.
Signed-off-by: Markus Seeber <markus.seeber@xxxxxxxxxxxxxxx>
---
src/conf.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/conf.c b/src/conf.c
index e71bb972..e04b575b 100644
--- a/src/conf.c
+++ b/src/conf.c
@@ -5078,6 +5078,8 @@ int snd_config_search_definition(snd_config_t *config,
{
snd_config_t *conf;
char *key;
+ if(name == NULL)
+ return -EINVAL;
const char *args = strchr(name, ':');
int err;
if (args) {
--
2.15.1
_______________________________________________
Alsa-devel mailing list
Alsa-devel@xxxxxxxxxxxxxxxx
http://mailman.alsa-project.org/mailman/listinfo/alsa-devel
