6.6-stable patches

author Greg Kroah-Hartman <gregkh@linuxfoundation.org>

Fri, 3 Oct 2025 13:23:40 +0000 (15:23 +0200)

committer Greg Kroah-Hartman <gregkh@linuxfoundation.org>

Fri, 3 Oct 2025 13:23:40 +0000 (15:23 +0200)
author Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Fri, 3 Oct 2025 13:23:40 +0000 (15:23 +0200)
committer Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Fri, 3 Oct 2025 13:23:40 +0000 (15:23 +0200)
diff --git a/queue-6.6/asoc-qcom-audioreach-fix-potential-null-pointer-dereference.patch b/queue-6.6/asoc-qcom-audioreach-fix-potential-null-pointer-dereference.patch

new file mode 100644 (file)

index 0000000..94a832f
--- /dev/null
+++ b/queue-6.6/asoc-qcom-audioreach-fix-potential-null-pointer-dereference.patch
@@ -0,0 +1,37 @@
+From 8318e04ab2526b155773313b66a1542476ce1106 Mon Sep 17 00:00:00 2001
+From: Srinivas Kandagatla <srinivas.kandagatla@oss.qualcomm.com>
+Date: Mon, 25 Aug 2025 11:12:45 +0100
+Subject: ASoC: qcom: audioreach: fix potential null pointer dereference
+
+From: Srinivas Kandagatla <srinivas.kandagatla@oss.qualcomm.com>
+
+commit 8318e04ab2526b155773313b66a1542476ce1106 upstream.
+
+It is possible that the topology parsing function
+audioreach_widget_load_module_common() could return NULL or an error
+pointer. Add missing NULL check so that we do not dereference it.
+
+Reported-by: Dan Carpenter <dan.carpenter@linaro.org>
+Cc: Stable@vger.kernel.org
+Fixes: 36ad9bf1d93d ("ASoC: qdsp6: audioreach: add topology support")
+Signed-off-by: Srinivas Kandagatla <srinivas.kandagatla@oss.qualcomm.com>
+Link: https://patch.msgid.link/20250825101247.152619-2-srinivas.kandagatla@oss.qualcomm.com
+Signed-off-by: Mark Brown <broonie@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ sound/soc/qcom/qdsp6/topology.c |    4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+--- a/sound/soc/qcom/qdsp6/topology.c
++++ b/sound/soc/qcom/qdsp6/topology.c
+@@ -586,8 +586,8 @@ static int audioreach_widget_load_module
+               return PTR_ERR(cont);
+ 
+       mod = audioreach_parse_common_tokens(apm, cont, &tplg_w->priv, w);
+-      if (IS_ERR(mod))
+-              return PTR_ERR(mod);
++      if (IS_ERR_OR_NULL(mod))
++              return mod ? PTR_ERR(mod) : -ENODEV;
+ 
+       dobj = &w->dobj;
+       dobj->private = mod;
diff --git a/queue-6.6/series b/queue-6.6/series

index d413ece7dec9fb6024f2c62af54d8ece04f9626e..1881e3cd8bad3233e290aa648eb0916a25871f4e 100644 (file)
--- a/queue-6.6/series
+++ b/queue-6.6/series
@@ -4,3 +4,4 @@ scsi-target-target_core_configfs-add-length-check-to-avoid-buffer-overflow.patch
  media-b2c2-fix-use-after-free-causing-by-irq_check_work-in-flexcop_pci_remove.patch
  media-rc-fix-races-with-imon_disconnect.patch
  media-uvcvideo-mark-invalid-entities-with-id-uvc_invalid_entity_id.patch
+asoc-qcom-audioreach-fix-potential-null-pointer-dereference.patch
author	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Fri, 3 Oct 2025 13:23:40 +0000 (15:23 +0200)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Fri, 3 Oct 2025 13:23:40 +0000 (15:23 +0200)
queue-6.6/asoc-qcom-audioreach-fix-potential-null-pointer-dereference.patch	[new file with mode: 0644]	patch \| blob
queue-6.6/series		patch \| blob \| blame \| history