This is a note to let you know that I've just added the patch titled
ALSA: bebob: potential info leak in hwdep_read()
to the 4.19-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
alsa-bebob-potential-info-leak-in-hwdep_read.patch
and it can be found in the queue-4.19 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.
>From b41c15f4e1c1f1657da15c482fa837c1b7384452 Mon Sep 17 00:00:00 2001
From: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
Date: Wed, 7 Oct 2020 10:49:28 +0300
Subject: ALSA: bebob: potential info leak in hwdep_read()
From: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
commit b41c15f4e1c1f1657da15c482fa837c1b7384452 upstream.
The "count" variable needs to be capped on every path so that we don't
copy too much information to the user.
Fixes: 618eabeae711 ("ALSA: bebob: Add hwdep interface")
Signed-off-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
Acked-by: Takashi Sakamoto <o-takashi@xxxxxxxxxxxxx>
Cc: <stable@xxxxxxxxxxxxxxx>
Link: https://lore.kernel.org/r/20201007074928.GA2529578@mwanda
Signed-off-by: Takashi Iwai <tiwai@xxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
sound/firewire/bebob/bebob_hwdep.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
--- a/sound/firewire/bebob/bebob_hwdep.c
+++ b/sound/firewire/bebob/bebob_hwdep.c
@@ -37,12 +37,11 @@ hwdep_read(struct snd_hwdep *hwdep, char
}
memset(&event, 0, sizeof(event));
+ count = min_t(long, count, sizeof(event.lock_status));
if (bebob->dev_lock_changed) {
event.lock_status.type = SNDRV_FIREWIRE_EVENT_LOCK_STATUS;
event.lock_status.status = (bebob->dev_lock_count > 0);
bebob->dev_lock_changed = false;
-
- count = min_t(long, count, sizeof(event.lock_status));
}
spin_unlock_irq(&bebob->lock);
Patches currently in stable-queue which might be from dan.carpenter@xxxxxxxxxx are
queue-4.19/alsa-bebob-potential-info-leak-in-hwdep_read.patch
