Re: [PATCH 1/1] ASoC: Intel: Atom: add a missing star in a memcpy call

From: Joe Perches
Date: Sun Aug 28 2016 - 14:17:18 EST

Next message: Jiri Olsa: "[PATCH] x86/topology: Fallback to SMT level only once"
Previous message: Clemens Gruber: "Re: chipidea: udc: kernel panic in isr_setup_status_phase"
In reply to: Joe Perches: "Re: Misuses of ** ? (was Re: [PATCH 1/1] ASoC: Intel: Atom: add a missing star in a memcpy call)"
Next in thread: Nicolas Iooss: "Re: [PATCH 1/1] ASoC: Intel: Atom: add a missing star in a memcpy call"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sun, 2016-08-28 at 19:39 +0200, Nicolas Iooss wrote:
> In sst_prepare_and_post_msg(), when a response is received in "block",
> the following code gets executed:
>
> *data = kzalloc(block->size, GFP_KERNEL);
> memcpy(data, (void *) block->data, block->size);
>
> The memcpy() call overwrites the content of the *data pointer instead of
> filling the newly-allocated memory (which pointer is hold by *data).
> Fix this by using *data in the memcpy() call.
>
> Fixes: 60dc8dbacb00 ("ASoC: Intel: sst: Add some helper functions")
> Cc: stable@xxxxxxxxxxxxxxx # 3.19.x
> Signed-off-by: Nicolas Iooss <nicolas.iooss_linux@xxxxxxx>
> ---
> sound/soc/intel/atom/sst/sst_pvt.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/sound/soc/intel/atom/sst/sst_pvt.c b/sound/soc/intel/atom/sst/sst_pvt.c
> index adb32fefd693..7c398b7c9d4b 100644
> --- a/sound/soc/intel/atom/sst/sst_pvt.c
> +++ b/sound/soc/intel/atom/sst/sst_pvt.c
> @@ -289,7 +289,7 @@ int sst_prepare_and_post_msg(struct intel_sst_drv *sst,
> ret = -ENOMEM;
> goto out;
> } else
> - memcpy(data, (void *) block->data, block->size);
> + memcpy(*data, (void *) block->data, block->size);
> }
> }
> out:

Perhaps this would be nicer using kmemdup too
---
sound/soc/intel/atom/sst/sst_pvt.c | 14 ++++++--------
1 file changed, 6 insertions(+), 8 deletions(-)

diff --git a/sound/soc/intel/atom/sst/sst_pvt.c b/sound/soc/intel/atom/sst/sst_pvt.c
index adb32fe..b1e6b8f 100644
--- a/sound/soc/intel/atom/sst/sst_pvt.c
+++ b/sound/soc/intel/atom/sst/sst_pvt.c
@@ -279,17 +279,15 @@ int sst_prepare_and_post_msg(struct intel_sst_drv *sst,

if (response) {
ret = sst_wait_timeout(sst, block);
- if (ret < 0) {
+ if (ret < 0)
goto out;
- } else if(block->data) {
- if (!data)
- goto out;
- *data = kzalloc(block->size, GFP_KERNEL);
- if (!(*data)) {
+
+ if (data && block->data) {
+ *data = kmemdup(block->data, block->size, GFP_KERNEL);
+ if (!*data) {
ret = -ENOMEM;
goto out;
- } else
- memcpy(data, (void *) block->data, block->size);
+ }
}
}
out:

Next message: Jiri Olsa: "[PATCH] x86/topology: Fallback to SMT level only once"
Previous message: Clemens Gruber: "Re: chipidea: udc: kernel panic in isr_setup_status_phase"
In reply to: Joe Perches: "Re: Misuses of ** ? (was Re: [PATCH 1/1] ASoC: Intel: Atom: add a missing star in a memcpy call)"
Next in thread: Nicolas Iooss: "Re: [PATCH 1/1] ASoC: Intel: Atom: add a missing star in a memcpy call"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]