[PATCH 4.19 274/346] ALSA: pcm: oss: Fix a few more UBSAN fixes

From: Greg Kroah-Hartman
Date: Mon Dec 28 2020 - 11:00:10 EST

Next message: Greg Kroah-Hartman: "[PATCH 4.19 282/346] s390/dasd: prevent inconsistent LCU device data"
Previous message: Greg Kroah-Hartman: "[PATCH 4.19 255/346] lwt: Disable BH too in run_lwt_bpf()"
In reply to: Greg Kroah-Hartman: "[PATCH 4.19 255/346] lwt: Disable BH too in run_lwt_bpf()"
Next in thread: Greg Kroah-Hartman: "[PATCH 4.19 282/346] s390/dasd: prevent inconsistent LCU device data"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Takashi Iwai <tiwai@xxxxxxx>

commit 11cb881bf075cea41092a20236ba708b18e1dbb2 upstream.

There are a few places that call round{up|down}_pow_of_two() with the
value zero, and this causes undefined behavior warnings. Avoid
calling those macros if such a nonsense value is passed; it's a minor
optimization as well, as we handle it as either an error or a value to
be skipped, instead.

Reported-by: syzbot+33ef0b6639a8d2d42b4c@xxxxxxxxxxxxxxxxxxxxxxxxx
Cc: <stable@xxxxxxxxxxxxxxx>
Link: https://lore.kernel.org/r/20201218161730.26596-1-tiwai@xxxxxxx
Signed-off-by: Takashi Iwai <tiwai@xxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>

---
sound/core/oss/pcm_oss.c | 22 ++++++++++++++--------
1 file changed, 14 insertions(+), 8 deletions(-)

--- a/sound/core/oss/pcm_oss.c
+++ b/sound/core/oss/pcm_oss.c
@@ -708,6 +708,8 @@ static int snd_pcm_oss_period_size(struc

oss_buffer_size = snd_pcm_plug_client_size(substream,
snd_pcm_hw_param_value_max(slave_params, SNDRV_PCM_HW_PARAM_BUFFER_SIZE, NULL)) * oss_frame_size;
+ if (!oss_buffer_size)
+ return -EINVAL;
oss_buffer_size = rounddown_pow_of_two(oss_buffer_size);
if (atomic_read(&substream->mmap_count)) {
if (oss_buffer_size > runtime->oss.mmap_bytes)
@@ -743,17 +745,21 @@ static int snd_pcm_oss_period_size(struc

min_period_size = snd_pcm_plug_client_size(substream,
snd_pcm_hw_param_value_min(slave_params, SNDRV_PCM_HW_PARAM_PERIOD_SIZE, NULL));
- min_period_size *= oss_frame_size;
- min_period_size = roundup_pow_of_two(min_period_size);
- if (oss_period_size < min_period_size)
- oss_period_size = min_period_size;
+ if (min_period_size) {
+ min_period_size *= oss_frame_size;
+ min_period_size = roundup_pow_of_two(min_period_size);
+ if (oss_period_size < min_period_size)
+ oss_period_size = min_period_size;
+ }

max_period_size = snd_pcm_plug_client_size(substream,
snd_pcm_hw_param_value_max(slave_params, SNDRV_PCM_HW_PARAM_PERIOD_SIZE, NULL));
- max_period_size *= oss_frame_size;
- max_period_size = rounddown_pow_of_two(max_period_size);
- if (oss_period_size > max_period_size)
- oss_period_size = max_period_size;
+ if (max_period_size) {
+ max_period_size *= oss_frame_size;
+ max_period_size = rounddown_pow_of_two(max_period_size);
+ if (oss_period_size > max_period_size)
+ oss_period_size = max_period_size;
+ }

oss_periods = oss_buffer_size / oss_period_size;

Next message: Greg Kroah-Hartman: "[PATCH 4.19 282/346] s390/dasd: prevent inconsistent LCU device data"
Previous message: Greg Kroah-Hartman: "[PATCH 4.19 255/346] lwt: Disable BH too in run_lwt_bpf()"
In reply to: Greg Kroah-Hartman: "[PATCH 4.19 255/346] lwt: Disable BH too in run_lwt_bpf()"
Next in thread: Greg Kroah-Hartman: "[PATCH 4.19 282/346] s390/dasd: prevent inconsistent LCU device data"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]