diff options
| author | Gustavo A. R. Silva <[email protected]> | 2019-03-20 18:42:01 -0500 | 
|---|---|---|
| committer | Takashi Iwai <[email protected]> | 2019-03-21 13:23:51 +0100 | 
| commit | c709f14f0616482b67f9fbcb965e1493a03ff30b (patch) | |
| tree | 2cfa6b64ad0a88d95aea65c6c2d13fdb8face6da /lib/test_fortify/write_overflow-strcpy.c | |
| parent | 2b1d9c8f87235f593826b9cf46ec10247741fff9 (diff) | |
ALSA: seq: oss: Fix Spectre v1 vulnerability
dev is indirectly controlled by user-space, hence leading to
a potential exploitation of the Spectre variant 1 vulnerability.
This issue was detected with the help of Smatch:
sound/core/seq/oss/seq_oss_synth.c:626 snd_seq_oss_synth_make_info() warn: potential spectre issue 'dp->synths' [w] (local cap)
Fix this by sanitizing dev before using it to index dp->synths.
Notice that given that speculation windows are large, the policy is
to kill the speculation on the first load and not worry if it can be
completed with a dependent load/store [1].
[1] https://lore.kernel.org/lkml/[email protected]/
Cc: [email protected]
Signed-off-by: Gustavo A. R. Silva <[email protected]>
Signed-off-by: Takashi Iwai <[email protected]>
Diffstat (limited to 'lib/test_fortify/write_overflow-strcpy.c')
0 files changed, 0 insertions, 0 deletions