From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <stable-owner@vger.kernel.org>
Received: from mail.linuxfoundation.org ([140.211.169.12]:42966 "EHLO
        mail.linuxfoundation.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1753482AbcKOQnC (ORCPT
        <rfc822;stable@vger.kernel.org>); Tue, 15 Nov 2016 11:43:02 -0500
Subject: Patch "ALSA: info: Return error for invalid read/write" has been added to the 4.8-stable tree
To: tiwai@suse.de, gregkh@linuxfoundation.org
Cc: <stable@vger.kernel.org>, <stable-commits@vger.kernel.org>
From: <gregkh@linuxfoundation.org>
Date: Tue, 15 Nov 2016 17:43:05 +0100
Message-ID: <1479228185660@kroah.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=ANSI_X3.4-1968
Content-Transfer-Encoding: 8bit
Sender: stable-owner@vger.kernel.org
List-ID: <stable.vger.kernel.org>


This is a note to let you know that I've just added the patch titled

    ALSA: info: Return error for invalid read/write

to the 4.8-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     alsa-info-return-error-for-invalid-read-write.patch
and it can be found in the queue-4.8 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@vger.kernel.org> know about it.


>>From 6809cd682b82dfff47943850d1a8c714f971b5ca Mon Sep 17 00:00:00 2001
From: Takashi Iwai <tiwai@suse.de>
Date: Sun, 30 Oct 2016 22:13:19 +0100
Subject: ALSA: info: Return error for invalid read/write

From: Takashi Iwai <tiwai@suse.de>

commit 6809cd682b82dfff47943850d1a8c714f971b5ca upstream.

Currently the ALSA proc handler allows read or write even if the proc
file were write-only or read-only.  It's mostly harmless, does thing
but allocating memory and ignores the input/output.  But it doesn't
tell user about the invalid use, and it's confusing and inconsistent
in comparison with other proc files.

This patch adds some sanity checks and let the proc handler returning
an -EIO error when the invalid read/write is performed.

Signed-off-by: Takashi Iwai <tiwai@suse.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

---
 sound/core/info.c |    6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

--- a/sound/core/info.c
+++ b/sound/core/info.c
@@ -325,6 +325,8 @@ static ssize_t snd_info_text_entry_write
 	size_t next;
 	int err = 0;
 
+	if (!entry->c.text.write)
+		return -EIO;
 	pos = *offset;
 	if (!valid_pos(pos, count))
 		return -EIO;
@@ -366,7 +368,9 @@ static int snd_info_seq_show(struct seq_
 	struct snd_info_private_data *data = seq->private;
 	struct snd_info_entry *entry = data->entry;
 
-	if (entry->c.text.read) {
+	if (!entry->c.text.read) {
+		return -EIO;
+	} else {
 		data->rbuffer->buffer = (char *)seq; /* XXX hack! */
 		entry->c.text.read(entry, data->rbuffer);
 	}


Patches currently in stable-queue which might be from tiwai@suse.de are

queue-4.8/alsa-info-limit-the-proc-text-input-size.patch
queue-4.8/alsa-info-return-error-for-invalid-read-write.patch