linux-stable/sound/soc
Hans de Goede 0cc65482f5
ASoC: Intel: Boards: Fix NULL pointer deref in BYT/CHT boards harder
Since commit 13f58267cd ("ASoC: soc.h: don't create dummy Component
via COMP_DUMMY()") dummy codecs declared like this:

SND_SOC_DAILINK_DEF(dummy,
        DAILINK_COMP_ARRAY(COMP_DUMMY()));

expand to:

static struct snd_soc_dai_link_component dummy[] = {
};

Which means that dummy is a zero sized array and thus dais[i].codecs should
not be dereferenced *at all* since it points to the address of the next
variable stored in the data section as the "dummy" variable has an address
but no size, so even dereferencing dais[0] is already an out of bounds
array reference.

Which means that the if (dais[i].codecs->name) check added in
commit 7d99a70b65 ("ASoC: Intel: Boards: Fix NULL pointer deref
in BYT/CHT boards") relies on that the part of the next variable which
the name member maps to just happens to be NULL.

Which apparently so far it usually is, except when it isn't
and then it results in crashes like this one:

[   28.795659] BUG: unable to handle page fault for address: 0000000000030011
...
[   28.795780] Call Trace:
[   28.795787]  <TASK>
...
[   28.795862]  ? strcmp+0x18/0x40
[   28.795872]  0xffffffffc150c605
[   28.795887]  platform_probe+0x40/0xa0
...
[   28.795979]  ? __pfx_init_module+0x10/0x10 [snd_soc_sst_bytcr_wm5102]

Really fix things this time around by checking dais.num_codecs != 0.

Fixes: 7d99a70b65 ("ASoC: Intel: Boards: Fix NULL pointer deref in BYT/CHT boards")
Cc: stable@vger.kernel.org
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Reviewed-by: Pierre-Louis Bossart <pierre-louis.bossart@linux.intel.com>
Link: https://patch.msgid.link/20240823074217.14653-1-hdegoede@redhat.com
Signed-off-by: Mark Brown <broonie@kernel.org>
2024-08-23 11:02:52 +01:00
..
adi ASoC: adi: Use *-y instead of *-objs in Makefile 2024-05-08 11:39:12 +09:00
amd ASoC: allow module autoloading for table board_ids 2024-08-21 16:25:03 +01:00
apple ASoC: apple: Use *-y instead of *-objs in Makefile 2024-05-08 11:39:14 +09:00
atmel ASoC: atmel: atmel-classd: Re-add dai_link->platform to fix card init 2024-06-06 14:04:00 +01:00
au1x ASoC: allow module autoloading for table db1200_pids 2024-08-21 16:25:02 +01:00
bcm ASoC: bcm: Use *-y instead of *-objs in Makefile 2024-05-08 11:39:16 +09:00
cirrus ASoC: cirrus: Use *-y instead of *-objs in Makefile 2024-05-08 11:39:17 +09:00
codecs ASoC: cs-amp-lib: Ignore empty UEFI calibration entries 2024-08-22 17:52:26 +01:00
dwc Linux 6.6-rc7 2023-10-23 19:38:22 +01:00
fsl ASoC: fsl_micfil: Differentiate register access permission for platforms 2024-07-29 13:36:14 +01:00
generic ASoC: simple-card: Use cleanup.h instead of devm_kfree() 2024-07-08 12:50:01 +01:00
google ASoC: google: convert not to use asoc_xxx() 2023-09-25 14:16:32 +02:00
hisilicon ASoC: hisilicon: Drop GPIO include 2023-12-18 14:03:29 +00:00
img ASoC: img: Use snd_soc_substream_to_rtd() for accessing private_data 2024-05-06 23:59:52 +09:00
intel ASoC: Intel: Boards: Fix NULL pointer deref in BYT/CHT boards harder 2024-08-23 11:02:52 +01:00
jz4740 ASoC: jz4740: Use *-y instead of *-objs in Makefile 2024-05-08 11:39:21 +09:00
kirkwood ASoC: kirkwood: Use *-y instead of *-objs in Makefile 2024-05-08 11:39:21 +09:00
loongson ASoC: loongson: Use *-y instead of *-objs in Makefile 2024-05-08 11:39:22 +09:00
mediatek ASoC: mediatek: mt8188: Mark AFE_DAC_CON0 register as volatile 2024-08-14 21:56:34 +01:00
meson ASoC: meson: axg-fifo: fix irq scheduling issue with PREEMPT_RT 2024-08-08 20:34:55 +01:00
mxs ASoC: mxs: add missing MODULE_DESCRIPTION() macro 2024-06-03 15:59:19 +01:00
pxa ASoC: pxa: Use *-y instead of *-objs in Makefile 2024-05-08 11:39:26 +09:00
qcom ASoC: qcom: topology: Simplify with cleanup.h 2024-07-09 22:50:48 +01:00
rockchip ASoC: Merge up fixes 2024-06-21 13:17:21 +01:00
samsung ASoC: samsung: midas_wm1811: Fix error code in probe() 2024-06-11 17:14:00 +01:00
sh ASoC: Constify DAI ops auto_selectable_formats 2024-06-17 18:29:02 +01:00
sof ASoC: SOF: amd: Fix for acp init sequence 2024-08-16 13:04:31 +01:00
spear ASoC: spear: Use *-y instead of *-objs in Makefile 2024-05-08 11:39:31 +09:00
sprd ASoC: sprd: Use *-y instead of *-objs in Makefile 2024-05-08 11:39:32 +09:00
starfive ASoC: starfive/jh7110-pwmdac: Convert to platform remove callback returning void 2023-10-23 13:29:44 +01:00
sti ASoC: sti: add missing probe entry for player and reader 2024-07-29 13:36:56 +01:00
stm ASoC: stm: Use *-y instead of *-objs in Makefile 2024-05-08 11:39:34 +09:00
sunxi ASoC: sunxi: Use snd_soc_substream_to_rtd() for accessing private_data 2024-05-06 23:59:56 +09:00
tegra ASoC: tegra: select CONFIG_SND_SIMPLE_CARD_UTILS 2024-07-22 13:04:50 +01:00
ti Fixes for McASP and dmaengine_pcm 2024-06-12 18:26:15 +01:00
uniphier ASoC: uniphier: Use *-y instead of *-objs in Makefile 2024-05-08 11:39:36 +09:00
ux500 ASoC: Add missing module descriptions 2024-05-09 08:37:35 +02:00
xilinx ASoC: Add missing module descriptions 2024-05-09 08:37:35 +02:00
xtensa ASoC: xtensa: Use *-y instead of *-objs in Makefile 2024-05-08 11:39:39 +09:00
Kconfig ASoC: soc-card: Add KUnit test case for snd_soc_card_get_kcontrol 2024-04-02 15:54:49 +01:00
Makefile ASoC: core: Use *-y instead of *-objs in Makefile 2024-05-08 11:39:11 +09:00
soc-ac97.c
soc-acpi.c
soc-card-test.c ASoC: soc-card: soc-card-test: Fix some error handling in init() 2024-04-14 16:54:39 +09:00
soc-card.c ASoC: soc-card: Use snd_ctl_find_id_mixer() instead of open-coding 2024-04-02 15:54:48 +01:00
soc-component.c ASoC: soc-component: Add new snd_soc_component_get_kcontrol() helpers 2024-08-02 14:04:39 +01:00
soc-compress.c ASoC: soc-compress: Fix and add DPCM locking 2024-03-18 14:41:51 +00:00
soc-core.c ASoC: Constify passed data to core function 2024-06-18 14:19:54 +01:00
soc-dai.c ASoC: Constify return of snd_soc_dai_get_pcm_stream() 2024-06-18 14:19:56 +01:00
soc-dapm.c ASoC: dapm: Simplify snd_soc_dai_link_event_pre_pmu() with cleanup.h 2024-07-08 12:50:03 +01:00
soc-devres.c
soc-generic-dmaengine-pcm.c ALSA: dmaengine: Synchronize dma channel after drop() 2024-06-11 17:13:31 +01:00
soc-jack.c ASoC: soc-jack: Get rid of legacy GPIO support 2024-03-26 17:13:45 +00:00
soc-link.c ASoC: soc-link: convert not to use asoc_xxx() 2023-09-25 14:16:50 +02:00
soc-ops.c ASoC: ops: Simplify with cleanup.h 2024-07-08 12:50:02 +01:00
soc-pcm.c ASoC: Constify return of snd_soc_dai_get_pcm_stream() 2024-06-18 14:19:56 +01:00
soc-topology-test.c ASoC: topology-test: Add missing module description 2024-05-08 20:51:10 +09:00
soc-topology.c ASoC: topology: Unify code for creating standalone and widget enum control 2024-07-02 14:27:08 +01:00
soc-utils-test.c
soc-utils.c ASoC: soc-utils: allow sample rate up to 768kHz for the dummy dai 2024-06-28 13:39:29 +01:00