Re: [PATCH] es1370: check total frame count against current frame

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] es1370: check total frame count against current frame

From:	Gerd Hoffmann
Subject:	Re: [PATCH] es1370: check total frame count against current frame
Date:	Wed, 20 May 2020 10:56:21 +0200

On Wed, May 20, 2020 at 12:05:48AM +0530, P J P wrote:
> +-- On Fri, 15 May 2020, P J P wrote --+
> | From: Prasad J Pandit <address@hidden>
> | 
> | A guest user may set channel frame count via es1370_write()
> | such that, in es1370_transfer_audio(), total frame count
> | 'size' is lesser than the number of frames that are processed
> | 'cnt'.
> | 
> |     int cnt = d->frame_cnt >> 16;
> |     int size = d->frame_cnt & 0xffff;
> | 
> | if (size < cnt), it results in incorrect calculations leading
> | to OOB access issue(s). Add check to avoid it.
> | 
> 
> Ping...!

Added to audio patch queue.

(there isn't much activity in audio, thats why the mail was sitting in
my mailbox waiting for me process it ...)

thanks,
  Gerd

[Prev in Thread]

Current Thread

[Next in Thread]

[PATCH] es1370: check total frame count against current frame, P J P, 2020/05/14
- Re: [PATCH] es1370: check total frame count against current frame, P J P, 2020/05/19
  - Re: [PATCH] es1370: check total frame count against current frame, Gerd Hoffmann <=

Prev by Date: Re: kvm_buf_set_msrs: Assertion `ret == cpu->kvm_msr_buf->nmsrs' failed.
Next by Date: Re: [PATCH v4 2/3] block: consolidate blocksize properties consistency checks
Previous by thread: Re: [PATCH] es1370: check total frame count against current frame
Next by thread: [PATCH 0/3] iotests: enable logging prior to notrun() invocation
Index(es):
- Date
- Thread