[PATCH AUTOSEL 6.9 17/40] ASoC: topology: Fix route memory corruption

From: Sasha Levin
Date: Tue Jul 09 2024 - 12:33:19 EST

Next message: Sasha Levin: "[PATCH AUTOSEL 6.6 04/33] Input: xpad - add support for ASUS ROG RAIKIRI PRO"
Previous message: Sasha Levin: "[PATCH AUTOSEL 6.6 03/33] ASoC: rt722-sdca-sdw: add silence detection register as volatile"
In reply to: Sasha Levin: "[PATCH AUTOSEL 6.9 40/40] net: usb: qmi_wwan: add Telit FN912 compositions"
Next in thread: Sasha Levin: "[PATCH AUTOSEL 6.9 31/40] btrfs: scrub: handle RST lookup error correctly"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Amadeusz Sławiński <amadeuszx.slawinski@xxxxxxxxxxxxxxx>

[ Upstream commit 0298f51652be47b79780833e0b63194e1231fa34 ]

It was reported that recent fix for memory corruption during topology
load, causes corruption in other cases. Instead of being overeager with
checking topology, assume that it is properly formatted and just
duplicate strings.

Reported-by: Pierre-Louis Bossart <pierre-louis.bossart@xxxxxxxxxxxxxxx>
Closes: https://lore.kernel.org/linux-sound/171812236450.201359.3019210915105428447.b4-ty@xxxxxxxxxx/T/#m8c4bd5abf453960fde6f826c4b7f84881da63e9d
Suggested-by: Péter Ujfalusi <peter.ujfalusi@xxxxxxxxxxxxxxx>
Signed-off-by: Amadeusz Sławiński <amadeuszx.slawinski@xxxxxxxxxxxxxxx>
Link: https://lore.kernel.org/r/20240613090126.841189-1-amadeuszx.slawinski@xxxxxxxxxxxxxxx
Signed-off-by: Mark Brown <broonie@xxxxxxxxxx>
Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>
---
sound/soc/soc-topology.c | 12 +++---------
1 file changed, 3 insertions(+), 9 deletions(-)

diff --git a/sound/soc/soc-topology.c b/sound/soc/soc-topology.c
index 52752e0a5dc27..27aba69894b17 100644
--- a/sound/soc/soc-topology.c
+++ b/sound/soc/soc-topology.c
@@ -1052,21 +1052,15 @@ static int soc_tplg_dapm_graph_elems_load(struct soc_tplg *tplg,
break;
}

- route->source = devm_kmemdup(tplg->dev, elem->source,
- min(strlen(elem->source), maxlen),
- GFP_KERNEL);
- route->sink = devm_kmemdup(tplg->dev, elem->sink,
- min(strlen(elem->sink), maxlen),
- GFP_KERNEL);
+ route->source = devm_kstrdup(tplg->dev, elem->source, GFP_KERNEL);
+ route->sink = devm_kstrdup(tplg->dev, elem->sink, GFP_KERNEL);
if (!route->source || !route->sink) {
ret = -ENOMEM;
break;
}

if (strnlen(elem->control, maxlen) != 0) {
- route->control = devm_kmemdup(tplg->dev, elem->control,
- min(strlen(elem->control), maxlen),
- GFP_KERNEL);
+ route->control = devm_kstrdup(tplg->dev, elem->control, GFP_KERNEL);
if (!route->control) {
ret = -ENOMEM;
break;
--
2.43.0

Next message: Sasha Levin: "[PATCH AUTOSEL 6.6 04/33] Input: xpad - add support for ASUS ROG RAIKIRI PRO"
Previous message: Sasha Levin: "[PATCH AUTOSEL 6.6 03/33] ASoC: rt722-sdca-sdw: add silence detection register as volatile"
In reply to: Sasha Levin: "[PATCH AUTOSEL 6.9 40/40] net: usb: qmi_wwan: add Telit FN912 compositions"
Next in thread: Sasha Levin: "[PATCH AUTOSEL 6.9 31/40] btrfs: scrub: handle RST lookup error correctly"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]