From: Dan Carpenter dan.carpenter@oracle.com
commit b41c15f4e1c1f1657da15c482fa837c1b7384452 upstream.
The "count" variable needs to be capped on every path so that we don't copy too much information to the user.
Fixes: 618eabeae711 ("ALSA: bebob: Add hwdep interface") Signed-off-by: Dan Carpenter dan.carpenter@oracle.com Acked-by: Takashi Sakamoto o-takashi@sakamocchi.jp Cc: stable@vger.kernel.org Link: https://lore.kernel.org/r/20201007074928.GA2529578@mwanda Signed-off-by: Takashi Iwai tiwai@suse.de Signed-off-by: Greg Kroah-Hartman gregkh@linuxfoundation.org
--- sound/firewire/bebob/bebob_hwdep.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-)
--- a/sound/firewire/bebob/bebob_hwdep.c +++ b/sound/firewire/bebob/bebob_hwdep.c @@ -37,12 +37,11 @@ hwdep_read(struct snd_hwdep *hwdep, char }
memset(&event, 0, sizeof(event)); + count = min_t(long, count, sizeof(event.lock_status)); if (bebob->dev_lock_changed) { event.lock_status.type = SNDRV_FIREWIRE_EVENT_LOCK_STATUS; event.lock_status.status = (bebob->dev_lock_count > 0); bebob->dev_lock_changed = false; - - count = min_t(long, count, sizeof(event.lock_status)); }
spin_unlock_irq(&bebob->lock);