dsp: afe: check for payload size before payload access
Check if payload data is big enough before accessing the data in it. Change-Id: I939f205a8cebf6ef4859f81fae5429bca013d540 Signed-off-by: Karthikeyan Mani <kmani@codeaurora.org>
This commit is contained in:
parent
a72aa003e4
commit
8dc3bb6ce4
|
@ -1,4 +1,4 @@
|
||||||
/* Copyright (c) 2012-2016, 2019 The Linux Foundation. All rights reserved.
|
/* Copyright (c) 2012-2019, The Linux Foundation. All rights reserved.
|
||||||
*
|
*
|
||||||
* This program is free software; you can redistribute it and/or modify
|
* This program is free software; you can redistribute it and/or modify
|
||||||
* it under the terms of the GNU General Public License version 2 and
|
* it under the terms of the GNU General Public License version 2 and
|
||||||
|
@ -235,6 +235,11 @@ static int32_t afe_callback(struct apr_client_data *data, void *priv)
|
||||||
uint16_t port_id = 0;
|
uint16_t port_id = 0;
|
||||||
payload = data->payload;
|
payload = data->payload;
|
||||||
if (data->opcode == APR_BASIC_RSP_RESULT) {
|
if (data->opcode == APR_BASIC_RSP_RESULT) {
|
||||||
|
if (data->payload_size < (2 * sizeof(uint32_t))) {
|
||||||
|
pr_err("%s: Error: size %d is less than expected\n",
|
||||||
|
__func__, data->payload_size);
|
||||||
|
return -EINVAL;
|
||||||
|
}
|
||||||
pr_debug("%s:opcode = 0x%x cmd = 0x%x status = 0x%x token=%d\n",
|
pr_debug("%s:opcode = 0x%x cmd = 0x%x status = 0x%x token=%d\n",
|
||||||
__func__, data->opcode,
|
__func__, data->opcode,
|
||||||
payload[0], payload[1], data->token);
|
payload[0], payload[1], data->token);
|
||||||
|
|
Loading…
Reference in New Issue