Home Explore Help
Register Sign In
phyus
/
linux-vybrid_public
8
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

sound: ensure device number is valid in snd_seq_oss_synth_make_info

snd_seq_oss_synth_make_info() incorrectly reports information
to userspace without first checking for the validity of the
device number, leading to possible information leak (CVE-2008-3272).

Reported-By: Tobias Klein <tk@trapkit.de>
Acked-and-tested-by: Takashi Iwai <tiwai@suse.de>
Cc: stable@kernel.org
Signed-off-by: Willy Tarreau <w@1wt.eu>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Willy Tarreau 17 years ago
parent
82248a5e92
commit
82e68f7ffe
1 changed files with 3 additions and 0 deletions
Split View Show Diff Stats
  1. 3 0
      sound/core/seq/oss/seq_oss_synth.c

+ 3 - 0
sound/core/seq/oss/seq_oss_synth.c
View File 

@@ -604,6 +604,9 @@ snd_seq_oss_synth_make_info(struct seq_oss_devinfo *dp, int dev, struct synth_in
 
 {
 
 	struct seq_oss_synth *rec;
 
 
+	if (dev < 0 || dev >= dp->max_synthdev)
 
+		return -ENXIO;
 
+
 
 	if (dp->synths[dev].is_midi) {
 
 		struct midi_info minf;
 
 		snd_seq_oss_midi_make_info(dp, dp->synths[dev].midi_mapped, &minf);