[PATCH AUTOSEL 6.6 14/33] ASoC: topology: Fix route memory corruption

From: Sasha Levin
Date: Tue Jul 09 2024 - 12:35:33 EST


From: Amadeusz Sławiński <amadeuszx.slawinski@xxxxxxxxxxxxxxx>

[ Upstream commit 0298f51652be47b79780833e0b63194e1231fa34 ]

It was reported that recent fix for memory corruption during topology
load, causes corruption in other cases. Instead of being overeager with
checking topology, assume that it is properly formatted and just
duplicate strings.

Reported-by: Pierre-Louis Bossart <pierre-louis.bossart@xxxxxxxxxxxxxxx>
Closes: https://lore.kernel.org/linux-sound/171812236450.201359.3019210915105428447.b4-ty@xxxxxxxxxx/T/#m8c4bd5abf453960fde6f826c4b7f84881da63e9d
Suggested-by: Péter Ujfalusi <peter.ujfalusi@xxxxxxxxxxxxxxx>
Signed-off-by: Amadeusz Sławiński <amadeuszx.slawinski@xxxxxxxxxxxxxxx>
Link: https://lore.kernel.org/r/20240613090126.841189-1-amadeuszx.slawinski@xxxxxxxxxxxxxxx
Signed-off-by: Mark Brown <broonie@xxxxxxxxxx>
Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>
---
sound/soc/soc-topology.c | 12 +++---------
1 file changed, 3 insertions(+), 9 deletions(-)

diff --git a/sound/soc/soc-topology.c b/sound/soc/soc-topology.c
index e7a2426dd7443..7e8fca0b06628 100644
--- a/sound/soc/soc-topology.c
+++ b/sound/soc/soc-topology.c
@@ -1052,21 +1052,15 @@ static int soc_tplg_dapm_graph_elems_load(struct soc_tplg *tplg,
break;
}

- route->source = devm_kmemdup(tplg->dev, elem->source,
- min(strlen(elem->source), maxlen),
- GFP_KERNEL);
- route->sink = devm_kmemdup(tplg->dev, elem->sink,
- min(strlen(elem->sink), maxlen),
- GFP_KERNEL);
+ route->source = devm_kstrdup(tplg->dev, elem->source, GFP_KERNEL);
+ route->sink = devm_kstrdup(tplg->dev, elem->sink, GFP_KERNEL);
if (!route->source || !route->sink) {
ret = -ENOMEM;
break;
}

if (strnlen(elem->control, maxlen) != 0) {
- route->control = devm_kmemdup(tplg->dev, elem->control,
- min(strlen(elem->control), maxlen),
- GFP_KERNEL);
+ route->control = devm_kstrdup(tplg->dev, elem->control, GFP_KERNEL);
if (!route->control) {
ret = -ENOMEM;
break;
--
2.43.0