ASoC: core: fix possible ZERO_SIZE_PTR pointer dereferencing error.

commit 6596aa04 upstream. Since we cannot make sure the 'params->num_regs' will always be none zero here, and then if it equals to zero, the kmemdup() will return ZERO_SIZE_PTR, which equals to ((void *)16). So this patch fix this with just doing the zero check before calling kmemdup(). Signed-off-by: Xiubo Li <Li.Xiubo@freescale.com> Signed-off-by: Mark Brown <broonie@kernel.org> [ kamal: backport to 3.13-stable: context ] Signed-off-by: Kamal Mostafa <kamal@canonical.com>

ASoC: core: fix possible ZERO_SIZE_PTR pointer dereferencing error.
commit 6596aa04 upstream. Since we cannot make sure the 'params->num_regs' will always be none zero here, and then if it equals to zero, the kmemdup() will return ZERO_SIZE_PTR, which equals to ((void *)16). So this patch fix this with just doing the zero check before calling kmemdup(). Signed-off-by: Xiubo Li <Li.Xiubo@freescale.com> Signed-off-by: Mark Brown <broonie@kernel.org> [ kamal: backport to 3.13-stable: context ] Signed-off-by: Kamal Mostafa <kamal@canonical.com>
1b9c5673 · Xiubo Li · Kamal Mostafa · 9f9541fe · 1b9c5673
Commit 1b9c5673 authored Sep 28, 2014 by Xiubo Li Committed by Kamal Mostafa Oct 09, 2014
Hide whitespace changes
Inline Side-by-side

Showing with 1 addition and 1 deletion

sound/soc/soc-core.c sound/soc/soc-core.c +1 -1

No files found.
--- a/sound/soc/soc-core.c
+++ b/sound/soc/soc-core.c
@@ -3236,7 +3236,7 @@ int snd_soc_bytes_put(struct snd_kcontrol *kcontrol,
 	unsigned int val;
 	void *data;

-	if (!codec->using_regmap)
+	if (!codec->using_regmap || !params->num_regs)
 		return -EINVAL;

 	len = params->num_regs * codec->val_bytes;