Received: by 2002:a05:6358:9144:b0:117:f937:c515 with SMTP id r4csp5913220rwr; Tue, 9 May 2023 07:53:41 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ6i0Pxua+tgcNPH1Yc68H84rvEx1keJx2HfW9ztVQlgc9zl7q6Fsen8Jew11neioNnaJOKC X-Received: by 2002:a05:6a21:8dc5:b0:fc:7650:1064 with SMTP id ti5-20020a056a218dc500b000fc76501064mr14170237pzb.48.1683644020925; Tue, 09 May 2023 07:53:40 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1683644020; cv=none; d=google.com; s=arc-20160816; b=pgK2Wd+QDgl4KgN7+0nB2cC7u6kuzLfNImgzp1wsJpcNPh1Lfr1MGYaPrF1k7cuPuK Tp2ARM+/aH3kXtWapKjlOQaERu7gzyY7dCAKyWKUhVXFPi+sYXI21YOmMp9iiUfRKNqw 9p+sQLx6bnATAXNK2MeQRezGlXyvv+gc0t/4vuWSLKL6rGmDwTB05tgdhIxSlaEtZVDB Payg06wNyn5CCcywaRZYL3aJUS9ISXko4b6qUYacHqJqc/wU13JRKq+2YTu41zYY5CPt AR8opYnq5Q0t0mZOe1v/G2+dJX8cenhr0XGpQsb7GgwCwelkeURnLgkotAPaxp+tcFeQ Bxhg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=yMH+9BGkydzhZBgaC6UBbgJrZIJg2Ik6h2SVKuw0Au0=; b=mJaLekILzaCQ14fxl9p4X43b1TQDJgJ0wUrtwWDdopSTDpy5nPVO9i956/Xr08jo2O 70R32oLpnHvV+lcjKtPvJhCLcqE6EvczhoMgWNV5nRq08aIXZtuNo0LVGAeXMzfJVS5C RLQP0+0NUW8tDws0HtTRrPiPBchzwjFkjb4fubQarn9TFu5EH22jPV9r4qnj407Fv/Im zDVn10vHm6s69wHKB5p6BeeqV0zxOXeUm4tLDA6Sv+ZjpXb3swYmsMaKwQlAgG0MU9RR MqVheHU+7nuAr4kQlgdUlUH0G+1SRNAdqdWMt+cTDJ6FcAfxLGZW9ubGcNFnhreNTuSD hOVw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=M2bVYeNp; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id i8-20020a639d08000000b00520dfb861fbsi1715499pgd.416.2023.05.09.07.53.27; Tue, 09 May 2023 07:53:40 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=M2bVYeNp; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235742AbjEIOMx (ORCPT + 99 others); Tue, 9 May 2023 10:12:53 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:54276 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235696AbjEIOMw (ORCPT ); Tue, 9 May 2023 10:12:52 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [IPv6:2604:1380:4641:c500::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 65ABE30E9 for ; Tue, 9 May 2023 07:12:51 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id A329E62BF4 for ; Tue, 9 May 2023 14:12:50 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 88254C433EF; Tue, 9 May 2023 14:12:49 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1683641569; bh=Ia9qR/V+dgyiZQmU96o1UbuUGtZdvdOBtBPw3NwRYJI=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=M2bVYeNp5yBaBNpJrq/lMcqKeH4Eu5ZbakZcYCLu6XMVFkStwkNiHguLEiQlYp1M/ NvG480htiNEKhlHXF/+PjVDkqQQEKvRDqaae9WCbeyT658wWE4l86gD3CwjuCcwAyh sGQpMge9V9FLFe035uipI2fh3+USJwv1I+kaVznbbMYjY9eGP+cFguDiDBjzVk1bdo 39WZqJSn1pANwyXLM0N/m/sYi4dMV9a8TurXCX4eylD+bVovXGEfnXueVAAmYXF2bu FOd5e1I7g5L+cIJw0KQtPQLzLHd2xS9/OjHNRb2GOb0l4l6wSRnxINxP4V4RTdibr0 tUKrCP3fe5dHg== Date: Tue, 9 May 2023 23:12:46 +0900 From: Mark Brown To: Srinivas Kandagatla Cc: Ravulapati Vishnu Vardhan Rao , Banajit Goswami , Liam Girdwood , Jaroslav Kysela , Takashi Iwai , "moderated list:QCOM AUDIO (ASoC) DRIVERS" , open list Subject: Re: [PATCH] ASoC:codecs: lpass: Fix for KASAN use_after_free out of bounds Message-ID: References: <20230509103232.20953-1-quic_visr@quicinc.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="7MjTQKZ/juz56Sws" Content-Disposition: inline In-Reply-To: X-Cookie: Avoid contact with eyes. X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org --7MjTQKZ/juz56Sws Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Tue, May 09, 2023 at 01:26:32PM +0100, Srinivas Kandagatla wrote: > On 09/05/2023 11:32, Ravulapati Vishnu Vardhan Rao wrote: > > val = ucontrol->value.enumerated.item[0]; > > + if (val < 0 && val > 15) > > + return -EINVAL; > how about > if (val >= e->items) > return -EINVAL; The enum value is passed as an int so is signed unfortunately. > We could get these checks if CONFIG_SND_CTL_INTPUT_VALIDATION was enabled. You can't rely on that being set. --7MjTQKZ/juz56Sws Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQEzBAABCgAdFiEEreZoqmdXGLWf4p/qJNaLcl1Uh9AFAmRaVNsACgkQJNaLcl1U h9A0Uwf/UvIT8fZeRNOkWNIfq84pL8mhWAPjeWjO0KZMX5qY6ryVzPuDQY3cuv5S cH0vyKy12IWKEFhMwN+kM1h70iiX+Ai7STIp+6tJWJnXTGlZmpi1qwGy9yDc2Zxz 30c8CyfvhFYm3y6cJGOq/D79DABrDT1xeG1HG4/CAhFagIQBruQ9/2gnHJIhfcfx UVGfLUmU8srAmBE/o8DyrME67anVAn5jEttqIdetnCyISSF0Svu9xyx7pM9k0WQs nOcCE+PfRL6owkajRu+pnBpimZXX4zXmUBwcQl+KDIxexpp2eAR35OgK9KXn0kE/ lRZcSZ1/feq8gjoO/Fh6AcJghyasxA== =qvvD -----END PGP SIGNATURE----- --7MjTQKZ/juz56Sws--