git.ipfire.org Git - thirdparty/kernel/stable.git/commit
ASoC: qcom: Fix sc7280 lpass potential buffer overflow
author Evgeny Pimenov <pimenoveu12@gmail.com>
Tue, 1 Apr 2025 20:40:58 +0000 (23:40 +0300)
committer Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Fri, 2 May 2025 05:46:53 +0000 (07:46 +0200)
commit d78888853eb53f47ae16cf3aa5d0444d0331b9f8
tree c5fc4cc52519a2e8848517f365c0f09001d86084
parent 20ecb510d415416a2ba4174cbb2ff3f2dc0443a0
ASoC: qcom: Fix sc7280 lpass potential buffer overflow

[ Upstream commit a31a4934b31faea76e735bab17e63d02fcd8e029 ]

Case values introduced in commit
5f78e1fb7a3e ("ASoC: qcom: Add driver support for audioreach solution")
cause out of bounds access in arrays of sc7280 driver data (e.g. in case
of RX_CODEC_DMA_RX_0 in sc7280_snd_hw_params()).

Redefine LPASS_MAX_PORTS to consider the maximum possible port id for
q6dsp as sc7280 driver utilizes some of those values.

Found by Linux Verification Center (linuxtesting.org) with SVACE.

Fixes: 77d0ffef793d ("ASoC: qcom: Add macro for lpass DAI id's max limit")
Cc: stable@vger.kernel.org # v6.0+
Suggested-by: Mikhail Kobuk <m.kobuk@ispras.ru>
Suggested-by: Alexey Khoroshilov <khoroshilov@ispras.ru>
Signed-off-by: Evgeny Pimenov <pimenoveu12@gmail.com>
Link: https://patch.msgid.link/20250401204058.32261-1-pimenoveu12@gmail.com
Signed-off-by: Mark Brown <broonie@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
sound/soc/qcom/lpass.h
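
The class of bug the commit message describes, as an added example that is not code from the kernel or from this commit: per-port arrays are sized by a maximum derived from one family of port ids, while a second family with larger ids is later used as an index. All enum names and values below are constructed for illustration; the sketch shows the bound fixed the same way (sized to the largest id in use), a compile-time guard, and a range check at the point of indexing.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed port ids (hypothetical, not the kernel's values): two id
 * families end up being used as indices into the same per-port arrays. */
enum port_id {
    PORT_OLD_0, PORT_OLD_1, PORT_OLD_LAST,   /* original id family: 0..2 */
    PORT_NEW_RX_0 = 6, PORT_NEW_LAST = 9,    /* ids added later, larger  */
};

/* "Before": bound derived from the original family only. */
#define MAX_PORTS_OLD (PORT_OLD_LAST + 1)
/* "After": bound derived from the largest id any caller can pass. */
#define MAX_PORTS     (PORT_NEW_LAST + 1)

#define ARRAY_LEN(a) (sizeof(a) / sizeof((a)[0]))

struct drv_data {
    unsigned int clk_rate[MAX_PORTS];        /* indexed by enum port_id */
};

/* Compile-time guard: the build fails if a later id outgrows the array. */
_Static_assert(ARRAY_LEN(((struct drv_data *)0)->clk_rate) > PORT_NEW_LAST,
               "per-port arrays must cover every port id used as an index");

/* Returns 1 if this id would have indexed past an array of the old size. */
int old_bound_overflows(unsigned int id)
{
    return id >= MAX_PORTS_OLD;
}

/* Range-checked store: 0 on success, -1 if id is outside the array. */
int set_clk_rate(struct drv_data *d, unsigned int id, unsigned int rate)
{
    if (id >= ARRAY_LEN(d->clk_rate))
        return -1;
    d->clk_rate[id] = rate;
    return 0;
}

int main(void)
{
    struct drv_data d = {0};
    printf("old bound overflows for new id: %d\n",
           old_bound_overflows(PORT_NEW_RX_0));
    printf("store with new bound: %d\n",
           set_clk_rate(&d, PORT_NEW_RX_0, 48000));
    printf("store past new bound: %d\n", set_clk_rate(&d, MAX_PORTS, 1));
    return 0;
}
```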