Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit 6217e5ed authored by Dan Carpenter's avatar Dan Carpenter Committed by Takashi Iwai
Browse files

ALSA: compress: fix an integer overflow check 



I previously added an integer overflow check here but looking at it now,
it's still buggy.

The bug happens in snd_compr_allocate_buffer().  We multiply
".fragments" and ".fragment_size" and that doesn't overflow but then we
save it in an unsigned int so it truncates the high bits away and we
allocate a smaller than expected size.

Fixes: b35cc822 ('ALSA: compress_core: integer overflow in snd_compr_allocate_buffer()')
Signed-off-by: default avatarDan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: default avatarTakashi Iwai <tiwai@suse.de>
parent 892028ac
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment