ASoC: core: fix possible ZERO_SIZE_PTR pointer dereferencing error.

commit 6596aa04 upstream. Since we cannot make sure the 'params->num_regs' will always be none zero here, and then if it equals to zero, the kmemdup() will return ZERO_SIZE_PTR, which equals to ((void *)16). So this patch fix this with just doing the zero check before calling kmemdup(). Signed-off-by: Xiubo Li <Li.Xiubo@freescale.com> Signed-off-by: Mark Brown <broonie@kernel.org> [lizf: Backported to 3.4: adjust context] Signed-off-by: Zefan Li <lizefan@huawei.com>

ASoC: core: fix possible ZERO_SIZE_PTR pointer dereferencing error.
commit 6596aa04 upstream. Since we cannot make sure the 'params->num_regs' will always be none zero here, and then if it equals to zero, the kmemdup() will return ZERO_SIZE_PTR, which equals to ((void *)16). So this patch fix this with just doing the zero check before calling kmemdup(). Signed-off-by: Xiubo Li <Li.Xiubo@freescale.com> Signed-off-by: Mark Brown <broonie@kernel.org> [lizf: Backported to 3.4: adjust context] Signed-off-by: Zefan Li <lizefan@huawei.com>
e5b74135 · Xiubo Li · Zefan Li · 3efcfa54 · e5b74135
Commit e5b74135 authored Sep 28, 2014 by Xiubo Li Committed by Zefan Li Dec 01, 2014
Hide whitespace changes
Inline Side-by-side

Showing with 1 addition and 1 deletion

sound/soc/soc-core.c sound/soc/soc-core.c +1 -1

No files found.
--- a/sound/soc/soc-core.c
+++ b/sound/soc/soc-core.c
@@ -2799,7 +2799,7 @@ int snd_soc_bytes_put(struct snd_kcontrol *kcontrol,
 	unsigned int val;
 	void *data;

-	if (!codec->using_regmap)
+	if (!codec->using_regmap || !params->num_regs)
 		return -EINVAL;

 	data = ucontrol->value.bytes.data;