Commit 62063644 authored by Takashi Iwai's avatar Takashi Iwai Committed by Jialin Zhang
Browse files

ALSA: pcm: oss: Fix potential out-of-bounds shift 

stable inclusion
from stable-v4.19.164
commit 37172cffc6a4e5371c9a514ad6ab870108a73c9f
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I9S1ZV
CVE: CVE-2021-47509

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=37172cffc6a4e5371c9a514ad6ab870108a73c9f



--------------------------------

commit 175b8d89 upstream.

syzbot spotted a potential out-of-bounds shift in the PCM OSS layer
where it calculates the buffer size with the arbitrary shift value
given via an ioctl.

Add a range check for avoiding the undefined behavior.
As the value can be treated by a signed integer, the max shift should
be 30.

Reported-by: default avatar <syzbot+df7dc146ebdd6435eea3@syzkaller.appspotmail.com>
Cc: <stable@vger.kernel.org>
Link: https://lore.kernel.org/r/20201209084552.17109-2-tiwai@suse.de


Signed-off-by: default avatarTakashi Iwai <tiwai@suse.de>
Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: default avatarJialin Zhang <zhangjialin11@huawei.com>
parent 53c51ceb
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please to comment