|
 |
6e7d01 |
From 96c8fcafa7325cd0e8a23a743a55f0ad0aa9f79b Mon Sep 17 00:00:00 2001
|
|
|
6e7d01 |
From: Gerd Hoffmann <kraxel@redhat.com>
|
|
|
6e7d01 |
Date: Thu, 18 Mar 2021 09:13:42 -0400
|
|
|
6e7d01 |
Subject: [PATCH 5/5] audio: audio_generic_get_buffer_in should honor *size
|
|
|
6e7d01 |
MIME-Version: 1.0
|
|
|
6e7d01 |
Content-Type: text/plain; charset=UTF-8
|
|
|
6e7d01 |
Content-Transfer-Encoding: 8bit
|
|
|
6e7d01 |
|
|
|
6e7d01 |
RH-Author: Gerd Hoffmann <kraxel@redhat.com>
|
|
|
6e7d01 |
Message-id: <20210318091342.3232471-2-kraxel@redhat.com>
|
|
|
6e7d01 |
Patchwork-id: 101352
|
|
|
6e7d01 |
O-Subject: [RHEL-8.4.0 qemu-kvm PATCH 1/1] audio: audio_generic_get_buffer_in should honor *size
|
|
|
6e7d01 |
Bugzilla: 1932823
|
|
|
6e7d01 |
RH-Acked-by: Stefan Hajnoczi <stefanha@redhat.com>
|
|
|
6e7d01 |
RH-Acked-by: Danilo de Paula <ddepaula@redhat.com>
|
|
|
6e7d01 |
RH-Acked-by: Philippe Mathieu-Daudé <philmd@redhat.com>
|
|
|
6e7d01 |
|
|
|
6e7d01 |
From: Volker Rümelin <vr_qemu@t-online.de>
|
|
|
6e7d01 |
|
|
|
6e7d01 |
The function generic_get_buffer_in currently ignores the *size
|
|
|
6e7d01 |
parameter and may return a buffer larger than *size.
|
|
|
6e7d01 |
|
|
|
6e7d01 |
As a result the variable samples in function
|
|
|
6e7d01 |
audio_pcm_hw_run_in may underflow. The while loop then most
|
|
|
6e7d01 |
likely will never termiate.
|
|
|
6e7d01 |
|
|
|
6e7d01 |
Buglink: http://bugs.debian.org/948658
|
|
|
6e7d01 |
Signed-off-by: Volker Rümelin <vr_qemu@t-online.de>
|
|
|
6e7d01 |
Message-Id: <20200123074943.6699-9-vr_qemu@t-online.de>
|
|
|
6e7d01 |
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
|
|
6e7d01 |
(cherry picked from commit 599eac4e5a41e828645594097daee39373acc3c0)
|
|
|
6e7d01 |
Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
|
|
|
6e7d01 |
---
|
|
|
6e7d01 |
audio/audio.c | 3 ++-
|
|
|
6e7d01 |
1 file changed, 2 insertions(+), 1 deletion(-)
|
|
|
6e7d01 |
|
|
|
6e7d01 |
diff --git a/audio/audio.c b/audio/audio.c
|
|
|
6e7d01 |
index 56fae55047..39a62fc62a 100644
|
|
|
6e7d01 |
--- a/audio/audio.c
|
|
|
6e7d01 |
+++ b/audio/audio.c
|
|
|
6e7d01 |
@@ -1402,7 +1402,8 @@ void *audio_generic_get_buffer_in(HWVoiceIn *hw, size_t *size)
|
|
|
6e7d01 |
}
|
|
|
6e7d01 |
assert(start >= 0 && start < hw->size_emul);
|
|
|
6e7d01 |
|
|
|
6e7d01 |
- *size = MIN(hw->pending_emul, hw->size_emul - start);
|
|
|
6e7d01 |
+ *size = MIN(*size, hw->pending_emul);
|
|
|
6e7d01 |
+ *size = MIN(*size, hw->size_emul - start);
|
|
|
6e7d01 |
return hw->buf_emul + start;
|
|
|
6e7d01 |
}
|
|
|
6e7d01 |
|
|
|
6e7d01 |
--
|
|
|
6e7d01 |
2.27.0
|
|
|
6e7d01 |
|