linux-stable/sound/core
Jaroslav Kysela 39a8fc4971 ALSA: rawmidi - fix the uninitalized user_pversion
The user_pversion was uninitialized for the user space file structure
in the open function, because the file private structure use
kmalloc for the allocation.

The kernel ALSA sequencer code clears the file structure, so no additional
fixes are required.

Cc: stable@kernel.org
Cc: broonie@kernel.org
BugLink: https://github.com/alsa-project/alsa-lib/issues/178
Fixes: 09d2317440 ("ALSA: rawmidi: introduce SNDRV_RAWMIDI_IOCTL_USER_PVERSION")
Reported-by: syzbot+88412ee8811832b00dbe@syzkaller.appspotmail.com
Signed-off-by: Jaroslav Kysela <perex@perex.cz>
Link: https://lore.kernel.org/r/20211218123925.2583847-1-perex@perex.cz
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2021-12-22 20:18:27 +01:00
..
oss ALSA: pcm: oss: Handle missing errors in snd_pcm_oss_change_params*() 2021-12-02 09:02:22 +01:00
seq Merge branch 'for-linus' into for-next 2021-08-09 07:53:22 +02:00
compress_offload.c ALSA: compress: Initialize mutex in snd_compress_new() 2021-07-15 10:22:38 +02:00
control_compat.c ALSA: ctl: Fix copy of updated id with element read/write 2021-12-02 16:41:07 +01:00
control_led.c ALSA: core: control_led: use strscpy instead of strlcpy 2021-08-13 08:05:17 +02:00
control.c ALSA: control: Minor optimization for SNDRV_CTL_IOCTL_POWER_STATE 2021-05-25 08:49:06 +02:00
ctljack.c ALSA: Convert strlcpy to strscpy when return value is unused 2021-01-08 09:30:05 +01:00
device.c ALSA: core: Add snd_device_get_state() helper 2020-03-23 18:09:19 +01:00
hrtimer.c ALSA: timer: Replace tasklet with work 2020-09-09 18:32:52 +02:00
hwdep_compat.c ALSA: compat_ioctl: avoid compat_alloc_user_space 2020-09-21 10:37:07 +02:00
hwdep.c ALSA: core: Fix assignment in if condition 2021-06-09 17:30:22 +02:00
info_oss.c ALSA: core: Fix assignment in if condition 2021-06-09 17:30:22 +02:00
info.c isystem: trim/fixup stdarg.h and other headers 2021-08-19 09:02:55 +09:00
init.c ALSA: core: Fix double calls of snd_card_free() via devres 2021-07-31 10:36:06 +02:00
isadma.c ALSA: core: Add device-managed request_dma() 2021-07-19 16:16:34 +02:00
jack.c ALSA: jack: Check the return value of kstrdup() 2021-12-13 10:38:27 +01:00
Kconfig ALSA: control - add generic LED trigger module as the new control layer 2021-03-30 15:33:58 +02:00
Makefile Revert "ALSA: memalloc: Convert x86 SG-buffer handling with non-contiguous type" 2021-11-04 22:10:03 +01:00
memalloc_local.h ALSA: memalloc: Support for non-contiguous page allocation 2021-10-18 13:32:10 +02:00
memalloc.c ALSA: memalloc: Remove a stale comment 2021-11-10 07:35:23 +01:00
memory.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
misc.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
pcm_compat.c ALSA: memalloc: Support for non-contiguous page allocation 2021-10-18 13:32:10 +02:00
pcm_dmaengine.c ASoC: dmaengine_pcm: add peripheral configuration 2021-02-05 17:16:41 +00:00
pcm_drm_eld.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
pcm_iec958.c ALSA: iec958: Split status creation and fill 2021-06-08 17:05:41 +02:00
pcm_lib.c ALSA: memalloc: Support for non-contiguous page allocation 2021-10-18 13:32:10 +02:00
pcm_local.h ALSA: memalloc: Support for non-contiguous page allocation 2021-10-18 13:32:10 +02:00
pcm_memory.c ALSA: memalloc: Support for non-contiguous page allocation 2021-10-18 13:32:10 +02:00
pcm_misc.c ALSA: pcm: Fix assignment in if condition 2021-06-09 17:30:24 +02:00
pcm_native.c ALSA: memalloc: Support for non-contiguous page allocation 2021-10-18 13:32:10 +02:00
pcm_param_trace.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
pcm_timer.c ALSA: timer: Constify snd_timer_hardware definitions 2020-01-03 09:24:07 +01:00
pcm_trace.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
pcm.c ALSA: pcm: use DEVICE_ATTR_RO macro 2021-05-25 09:00:04 +02:00
rawmidi_compat.c ALSA: rawmidi: Add framing mode 2021-05-17 16:02:44 +02:00
rawmidi.c ALSA: rawmidi - fix the uninitalized user_pversion 2021-12-22 20:18:27 +01:00
seq_device.c ALSA: seq: Fix a potential UAF by wrong private_free call order 2021-09-30 14:13:22 +02:00
sgbuf.c Revert "ALSA: memalloc: Convert x86 SG-buffer handling with non-contiguous type" 2021-11-04 22:10:03 +01:00
sound_oss.c ALSA: core: Fix assignment in if condition 2021-06-09 17:30:22 +02:00
sound.c ALSA: core: Fix assignment in if condition 2021-06-09 17:30:22 +02:00
timer_compat.c ALSA: Convert strlcpy to strscpy when return value is unused 2021-01-08 09:30:05 +01:00
timer.c ALSA: timer: Unconditionally unlink slave instances, too 2021-11-05 11:27:27 +01:00
vmaster.c ALSA: Replace the word "slave" in vmaster API 2020-07-20 10:10:47 +02:00