Commit bffbbc0a authored by Dan Carpenter's avatar Dan Carpenter Committed by Takashi Iwai

ALSA: sb16 - info leak in snd_sb_csp_ioctl()

There is a 2 byte hole after "info.func_nr" so we could leak unitialized
stack information to userspace.
Signed-off-by: default avatarDan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: default avatarTakashi Iwai <tiwai@suse.de>
parent f44f2a54
......@@ -208,6 +208,7 @@ static int snd_sb_csp_ioctl(struct snd_hwdep * hw, struct file *file, unsigned i
switch (cmd) {
/* get information */
case SNDRV_SB_CSP_IOCTL_INFO:
memset(&info, 0, sizeof(info));
*info.codec_name = *p->codec_name;
info.func_nr = p->func_nr;
info.acc_format = p->acc_format;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment