From de352c72d1b401236db5f2c83b52c2df0b6b37ed Mon Sep 17 00:00:00 2001 From: Xiaojun Sang Date: Mon, 10 Oct 2016 15:44:23 +0800 Subject: [PATCH] ASoC: qdsp6v2: fix potential bug of infinite loop When variable bufsz equals to 0, there would be infinite loop at q6asm_audio_client_buf_alloc. Fix the potential bug by checking bufsz beforehand. CRs-Fixed: 1072280 Change-Id: I9640112b8945dc603e3af55fc1096bea9f7e6634 Signed-off-by: Xiaojun Sang --- sound/soc/msm/qdsp6v2/q6asm.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/sound/soc/msm/qdsp6v2/q6asm.c b/sound/soc/msm/qdsp6v2/q6asm.c index 88c27339b299..0ea94cb52bfb 100644 --- a/sound/soc/msm/qdsp6v2/q6asm.c +++ b/sound/soc/msm/qdsp6v2/q6asm.c @@ -1221,8 +1221,9 @@ int q6asm_audio_client_buf_alloc(unsigned int dir, struct audio_buffer *buf; size_t len; - if (!(ac) || ((dir != IN) && (dir != OUT))) { - pr_err("%s: ac %pK dir %d\n", __func__, ac, dir); + if (!(ac) || !(bufsz) || ((dir != IN) && (dir != OUT))) { + pr_err("%s: ac %pK bufsz %d dir %d\n", __func__, ac, bufsz, + dir); return -EINVAL; }