Unverified Commit 50c0974e authored by openeuler-ci-bot's avatar openeuler-ci-bot Committed by Gitee
Browse files

!9444 CVE-2022-48737 

Merge Pull Request from: @ci-robot 
 
PR sync from: "GONG, Ruiqi" <gongruiqi1@huawei.com>
https://mailweb.openeuler.org/hyperkitty/list/kernel@openeuler.org/message/3MQYVAFXTV5L7J6UQO7VQ6YBC4ZDBWVK/ 
Fix of CVE-2022-48737.

Mark Brown (2):
  ASoC: ops: Reject out of bounds values in snd_soc_put_volsw_sx()
  ASoC: ops: Fix bounds check for _sx controls


-- 
2.25.1
 
https://gitee.com/src-openeuler/kernel/issues/IA72I5 
 
Link:https://gitee.com/openeuler/kernel/pulls/9444

 

Reviewed-by: default avatarLiu YongQiang <liuyongqiang13@huawei.com>
Signed-off-by: default avatarZhang Changzhong <zhangchangzhong@huawei.com>
parents 8400b832 6705e66f

sound/soc/soc-ops.c

+8 −1
Original line number Diff line number Diff line
@@ -422,8 +422,15 @@ int snd_soc_put_volsw_sx(struct snd_kcontrol *kcontrol, 
	int err = 0;

	unsigned int val, val_mask, val2 = 0;



	val = ucontrol->value.integer.value[0];

	if (mc->platform_max && val > mc->platform_max)

		return -EINVAL;

	if (val > max)

		return -EINVAL;

	if (val < 0)

		return -EINVAL;

	val_mask = mask << shift;

	val = (ucontrol->value.integer.value[0] + min) & mask;

	val = (val + min) & mask;

	val = val << shift;



	err = snd_soc_component_update_bits(component, reg, val_mask, val);