Skip to content

Commit

Permalink
audio: kpb: fix potential NULL pointer dereference in device list reset
Browse files Browse the repository at this point in the history
This patch addresses a potential NULL pointer dereference issue in the
`devicelist_reset` function within the Key Phrase Buffer (KPB)
component. The issue was exposed by a recent change in Zephyr's MMU
mapping for Intel ADSP ACE30, which now catches NULL pointer accesses.

The `devicelist_reset` function previously iterated over the entire
`DEVICE_LIST_SIZE` when clearing items and zeroing pointers, which could
lead to dereferencing NULL pointers. The fix involves iterating only up
to `devlist->count` to ensure that only valid pointers are accessed.

This change prevents potential NULL pointer dereference and ensures the
stability of the KPB component.

Link: thesofproject#9687

Signed-off-by: Tomasz Leman <tomasz.m.leman@intel.com>
  • Loading branch information
tmleman committed Nov 28, 2024
1 parent 40ed1e2 commit 5171c84
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions src/audio/kpb.c
Original file line number Diff line number Diff line change
Expand Up @@ -2405,11 +2405,11 @@ static void devicelist_reset(struct device_list *devlist, bool remove_items)
{
/* clear items */
if (remove_items) {
for (int i = 0; i < DEVICE_LIST_SIZE; i++)
for (int i = 0; i < devlist->count; i++)
*devlist->devs[i] = NULL;
}
/* zero the pointers */
for (int i = 0; i < DEVICE_LIST_SIZE; i++)
for (int i = 0; i < devlist->count; i++)
devlist->devs[i] = NULL;

devlist->count = 0;
Expand Down

0 comments on commit 5171c84

Please sign in to comment.