Re: A divide error bug in snd_pcm_write

From: Takashi Iwai
Date: Mon Sep 26 2022 - 14:13:51 EST

Next message: Ira Weiny: "Re: [PATCH] dax: Remove usage of the deprecated ida_simple_xxx API"
Previous message: syzbot: "[syzbot] KASAN: use-after-free Write in sctp_auth_shkey_hold (2)"
In reply to: butt3rflyh4ck: "Re: A divide error bug in snd_pcm_write"
Next in thread: butt3rflyh4ck: "Re: A divide error bug in snd_pcm_write"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, 26 Sep 2022 19:16:48 +0200,
butt3rflyh4ck wrote:
>
> The latest kernel upstream.
> Yes, but using mmap, you can map the runtime->status page, and then
> copy the data through memcpy to overwrite the status->state data, or
> even more, which is incredible.

Ah, then that's exactly the case my latest patch set covers.
Either the first patch or the second patch alone should work.
https://lore.kernel.org/r/20220926135558.26580-2-tiwai@xxxxxxx
https://lore.kernel.org/r/20220926135558.26580-3-tiwai@xxxxxxx

Could you verify either of them fixes the problem?

thanks,

Takashi

Next message: Ira Weiny: "Re: [PATCH] dax: Remove usage of the deprecated ida_simple_xxx API"
Previous message: syzbot: "[syzbot] KASAN: use-after-free Write in sctp_auth_shkey_hold (2)"
In reply to: butt3rflyh4ck: "Re: A divide error bug in snd_pcm_write"
Next in thread: butt3rflyh4ck: "Re: A divide error bug in snd_pcm_write"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]