-
Volker Rümelin authoredIn function oss_read() a read error currently does not exit the read loop. With no data to read the variable pos will quickly underflow and a subsequent successful read overwrites memory outside the buffer. This patch adds the missing break statement to the error path of the function. To reproduce start qemu with -audiodev oss,id=audio0 and in the guest start audio recording. After some time this will trigger an exception. Fixes: 3ba4066d "ossaudio: port to the new audio backend api" Signed-off-by:
Volker Rümelin <vr_qemu@t-online.de>
Message-id: 20200707180836.5435-1-vr_qemu@t-online.de
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>Volker Rümelin authoredIn function oss_read() a read error currently does not exit the read loop. With no data to read the variable pos will quickly underflow and a subsequent successful read overwrites memory outside the buffer. This patch adds the missing break statement to the error path of the function. To reproduce start qemu with -audiodev oss,id=audio0 and in the guest start audio recording. After some time this will trigger an exception. Fixes: 3ba4066d "ossaudio: port to the new audio backend api" Signed-off-by:
Volker Rümelin <vr_qemu@t-online.de>
Message-id: 20200707180836.5435-1-vr_qemu@t-online.de
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Loading