Google Git
Sign in
kernel / pub / scm / linux / kernel / git / tiwai / sound / ce2335cd14b6585d57dc05a4375a506079adba81
commitce2335cd14b6585d57dc05a4375a506079adba81[log] [tgz]
authorSamasth Norway Ananda <samasth.norway.ananda@oracle.com>Tue Sep 09 15:51:11 2025 -0700
committerMark Brown <broonie@kernel.org>Thu Sep 18 22:26:31 2025 +0100
tree9970815d2790b9ef9c959804b5d540b31758b069
parent32bd60d5eca048fb91eed723799c0b4a847c18e4 [diff]
ASoC: SOF: ipc3-dtrace: fix potential integer overflow in allocation

Fix a potential integer overflow vulnerability in trace_filter_parse()
where the allocation size calculation could overflow.

The issue occurs when:
1. capacity is calculated by adding TRACE_FILTER_ELEMENTS_PER_ENTRY in a
   loop for each entry found in the input string.
2. capacity * sizeof(**out) multiplication could overflow if many
   entries are present in the input.
3. This results in a smaller allocation than expected, leading to
   potential buffer overflow.

Replace kmalloc() with kmalloc_array() which provides built-in overflow
checking and will safely fail the allocation if overflow would occur,
preventing memory corruption.

Signed-off-by: Samasth Norway Ananda <samasth.norway.ananda@oracle.com>
Link: https://patch.msgid.link/20250909225111.3740029-1-samasth.norway.ananda@oracle.com
Signed-off-by: Mark Brown <broonie@kernel.org>
1 file changed
tree: 9970815d2790b9ef9c959804b5d540b31758b069
  1. arch/
  2. block/
  3. certs/
  4. crypto/
  5. Documentation/
  6. drivers/
  7. fs/
  8. include/
  9. init/
  10. io_uring/
  11. ipc/
  12. kernel/
  13. lib/
  14. LICENSES/
  15. mm/
  16. net/
  17. rust/
  18. samples/
  19. scripts/
  20. security/
  21. sound/
  22. tools/
  23. usr/
  24. virt/
  25. .clang-format
  26. .clippy.toml
  27. .cocciconfig
  28. .editorconfig
  29. .get_maintainer.ignore
  30. .gitattributes
  31. .gitignore
  32. .mailmap
  33. .pylintrc
  34. .rustfmt.toml
  35. COPYING
  36. CREDITS
  37. Kbuild
  38. Kconfig
  39. MAINTAINERS
  40. Makefile
  41. README