Re: [PATCH] sound/isa/wavefront: copy userspace array safely

From: Takashi Iwai
Date: Fri Nov 03 2023 - 09:58:31 EST

Next message: Christoph Hellwig: "Re: [PATCH v3] nvme: update firmware version after commit"
Previous message: Steven Price: "Re: [PATCH v3 4/4] mm: swap: Swap-out small-sized THP without splitting"
In reply to: Philipp Stanner: "[PATCH] sound/isa/wavefront: copy userspace array safely"
Next in thread: Takashi Iwai: "Re: [PATCH] sound/isa/wavefront: copy userspace array safely"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 02 Nov 2023 20:03:10 +0100,
Philipp Stanner wrote:
>
> wavefront_fx.c utilizes memdup_user() to copy a userspace array. This
> does not check for an overflow.

There is a check above the memdup_user() call; it's at most 512
bytes.

> Use the new wrapper memdup_array_user() to copy the array more safely.
>
> Suggested-by: Dave Airlie <airlied@xxxxxxxxxx>
> Signed-off-by: Philipp Stanner <pstanner@xxxxxxxxxx>

Although the check is already present, it's still better to use the
new helper, so I applied the patch now.

thanks,

Takashi

Next message: Christoph Hellwig: "Re: [PATCH v3] nvme: update firmware version after commit"
Previous message: Steven Price: "Re: [PATCH v3 4/4] mm: swap: Swap-out small-sized THP without splitting"
In reply to: Philipp Stanner: "[PATCH] sound/isa/wavefront: copy userspace array safely"
Next in thread: Takashi Iwai: "Re: [PATCH] sound/isa/wavefront: copy userspace array safely"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]