@@ -71,6 +71,7 @@ static int snd_bcm2835_ctl_put(struct snd_kcontrol *kcontrol,
struct snd_ctl_elem_value *ucontrol)
{
struct bcm2835_chip *chip = snd_kcontrol_chip(kcontrol);
+ struct snd_ctl_elem_info info;
int val, *valp;
int changed = 0;
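Review bot: `info` is declared on the stack without an initializer, and the second hunk ignores the return value of `snd_bcm2835_ctl_info()` before reading `info.value.integer.min` and `.max`. The callback's body is not visible here; if it leaves those fields unset for any control type, the new range check compares against indeterminate stack contents. Declaring it as `struct snd_ctl_elem_info info = {};` would make that case fail closed, since only 0 would pass, instead of depending on whatever was on the stack. The function body continues outside this hunk.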
@@ -84,6 +85,11 @@ static int snd_bcm2835_ctl_put(struct snd_kcontrol *kcontrol,
return -EINVAL;
val = ucontrol->value.integer.value[0];
+
+ snd_bcm2835_ctl_info(kcontrol, &info);
+ if (val < info.value.integer.min || val > info.value.integer.max)
+ return -EINVAL;
+
mutex_lock(&chip->audio_mutex);
if (val != *valp) {
*valp = val;
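Review bot: The added range check tests `val`, an `int`, after it has already been assigned from `ucontrol->value.integer.value[0]`, which is a `long` in the ALSA control ABI. On a 64-bit kernel, a userspace value outside the `int` range is therefore truncated before validation and can land inside [min, max], so the check can still accept an invalid write. Validate the untruncated value first, e.g. `long lval = ucontrol->value.integer.value[0];` followed by `if (lval < info.value.integer.min || lval > info.value.integer.max) return -EINVAL;`, and only then assign `val = lval;`. The function starts before and ends after this hunk, so the handling of the other control types is not visible here.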
The bcm2835-audio driver makes no effort to validate the values it accepts from userspace, causing it to accept invalid values: # # PCM Playback Switch.0 Invalid boolean value 2 # not ok 5 write_invalid.Headphones.1 # # PCM Playback Volume.0 value -10240 less than minimum -10239 # # PCM Playback Volume.0 value 401 more than maximum 400 # not ok 12 write_invalid.Headphones.0 Add validation. Signed-off-by: Mark Brown <broonie@kernel.org> --- drivers/staging/vc04_services/bcm2835-audio/bcm2835-ctl.c | 6 ++++++ 1 file changed, 6 insertions(+) --- base-commit: 8ffd015db85fea3e15a77027fda6c02ced4d2444 change-id: 20250414-staging-bcm2835-alsa-limit-542d1e8f30a9 Best regards,