Commit c0527b93 authored by Takashi Iwai's avatar Takashi Iwai Committed by Sasha Levin

ALSA: control: Add sanity checks for user ctl id name string

[ Upstream commit be3bb823 ]

There was no check about the id string of user control elements, so we
accepted even a control element with an empty string, which is
obviously bogus.  This patch adds more sanity checks of id strings.

Cc: <stable@vger.kernel.org>
Signed-off-by: default avatarTakashi Iwai <tiwai@suse.de>
Signed-off-by: default avatarSasha Levin <sasha.levin@oracle.com>
parent 095ea4b4
...@@ -1167,6 +1167,10 @@ static int snd_ctl_elem_add(struct snd_ctl_file *file, ...@@ -1167,6 +1167,10 @@ static int snd_ctl_elem_add(struct snd_ctl_file *file,
if (info->count < 1) if (info->count < 1)
return -EINVAL; return -EINVAL;
if (!*info->id.name)
return -EINVAL;
if (strnlen(info->id.name, sizeof(info->id.name)) >= sizeof(info->id.name))
return -EINVAL;
access = info->access == 0 ? SNDRV_CTL_ELEM_ACCESS_READWRITE : access = info->access == 0 ? SNDRV_CTL_ELEM_ACCESS_READWRITE :
(info->access & (SNDRV_CTL_ELEM_ACCESS_READWRITE| (info->access & (SNDRV_CTL_ELEM_ACCESS_READWRITE|
SNDRV_CTL_ELEM_ACCESS_INACTIVE| SNDRV_CTL_ELEM_ACCESS_INACTIVE|
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment