| Message ID | 20211218123925.2583847-1-perex@perex.cz (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | ALSA: rawmidi - fix the uninitalized user_pversion | expand |
On Sat, 18 Dec 2021 13:39:25 +0100, Jaroslav Kysela wrote: > > The user_pversion was unitialized for the user space file structure > in the open function, because the file private structure use > kmalloc for the allocation. > > The kernel ALSA sequencer code clears the file structure, so no additional > fixes are required. > > Cc: stable@kernel.org > Cc: broonie@kernel.org > BugLink: https://github.com/alsa-project/alsa-lib/issues/178 > Fixes: 09d23174402d ("ALSA: rawmidi: introduce SNDRV_RAWMIDI_IOCTL_USER_PVERSION") > Reported-by: syzbot+88412ee8811832b00dbe@syzkaller.appspotmail.com > Signed-off-by: Jaroslav Kysela <perex@perex.cz> Thanks, applied now with a minor typo fix. Takashi
diff --git a/sound/core/rawmidi.c b/sound/core/rawmidi.c index 6f30231bdb88..befa9809ff00 100644 --- a/sound/core/rawmidi.c +++ b/sound/core/rawmidi.c @@ -447,6 +447,7 @@ static int snd_rawmidi_open(struct inode *inode, struct file *file) err = -ENOMEM; goto __error; } + rawmidi_file->user_pversion = 0; init_waitqueue_entry(&wait, current); add_wait_queue(&rmidi->open_wait, &wait); while (1) {
The user_pversion was unitialized for the user space file structure in the open function, because the file private structure use kmalloc for the allocation. The kernel ALSA sequencer code clears the file structure, so no additional fixes are required. Cc: stable@kernel.org Cc: broonie@kernel.org BugLink: https://github.com/alsa-project/alsa-lib/issues/178 Fixes: 09d23174402d ("ALSA: rawmidi: introduce SNDRV_RAWMIDI_IOCTL_USER_PVERSION") Reported-by: syzbot+88412ee8811832b00dbe@syzkaller.appspotmail.com Signed-off-by: Jaroslav Kysela <perex@perex.cz> --- sound/core/rawmidi.c | 1 + 1 file changed, 1 insertion(+)