aboutsummaryrefslogtreecommitdiff
path: root/net/lapb/lapb_subr.c
diff options
context:
space:
mode:
authorPeter Ujfalusi <[email protected]>2022-07-12 15:23:55 +0300
committerMark Brown <[email protected]>2022-07-12 13:45:01 +0100
commitacacd9eefd0def5a83244d88e5483b5f38ee7287 (patch)
tree7681dedc476439e9d797eb4e38fe815f6ea71b3a /net/lapb/lapb_subr.c
parent388fe2b8a3a0f597b2680e8f1ef5324e1db76ed2 (diff)
ASoC: SOF: Intel: cnl: Do not process IPC reply before firmware boot
It is not yet clear, but it is possible to create a firmware so broken that it will send a reply message before a FW_READY message (it is not yet clear if FW_READY will arrive later). Since the reply_data is allocated only after the FW_READY message, this will lead to a NULL pointer dereference if not filtered out. The issue was reported with IPC4 firmware but the same condition is present for IPC3. Reported-by: Kai Vehmanen <[email protected]> Signed-off-by: Peter Ujfalusi <[email protected]> Reviewed-by: Ranjani Sridharan <[email protected]> Reviewed-by: Pierre-Louis Bossart <[email protected]> Link: https://lore.kernel.org/r/[email protected] Signed-off-by: Mark Brown <[email protected]>
Diffstat (limited to 'net/lapb/lapb_subr.c')
0 files changed, 0 insertions, 0 deletions