lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 12 Feb 2018 20:32:53 +0100
From:   Kirill Marinushkin <k.marinushkin@...il.com>
To:     Takashi Iwai <tiwai@...e.de>
Cc:     perex@...ex.cz, alsa-devel@...a-project.org,
        Stephen Barber <smbarber@...omium.org>,
        Bhumika Goyal <bhumirks@...il.com>,
        Jaejoong Kim <climbbb.kim@...il.com>,
        Julian Scheel <julian@...st.de>, linux-kernel@...r.kernel.org,
        stable@...r.kernel.org
Subject: Re: [PATCH] ALSA: usb-audio: Fix UAC2 get_ctl request with a RANGE
 attribute

Hello maintainers of <stable@...r.kernel.org>,


As discussed earlier in this thread, I propose this patch to stable.

It fixes the issue, which exists since v2.6.34.


Best Regards,

Kirill

On 02/12/18 09:08, Takashi Iwai wrote:
> On Thu, 08 Feb 2018 07:21:36 +0100,
> Kirill Marinushkin wrote:
>> On 02/07/18 06:45, Takashi Iwai wrote:
>>> On Mon, 29 Jan 2018 06:37:55 +0100,
>>> Kirill Marinushkin wrote:
>>>> The layout of the UAC2 Control request and response varies depending on
>>>> the request type. With the current implementation, only the Layout 2
>>>> Parameter Block (with the 2-byte sized RANGE attribute) is handled
>>>> properly. For the Control requests with the 1-byte sized RANGE attribute
>>>> (Bass Control, Mid Control, Tremble Control), the response is parsed
>>>> incorrectly.
>>>>
>>>> This commit:
>>>> * fixes the wLength field value in the request
>>>> * fixes parsing the range values from the response
>>>>
>>>> Fixes: 23caaf19b11e ("ALSA: usb-mixer: Add support for Audio Class v2.0")
>>>> Signed-off-by: Kirill Marinushkin <k.marinushkin@...il.com>
>>>> Cc: Jaroslav Kysela <perex@...ex.cz>
>>>> Cc: Takashi Iwai <tiwai@...e.com>
>>>> Cc: Jaejoong Kim <climbbb.kim@...il.com>
>>>> Cc: Bhumika Goyal <bhumirks@...il.com>
>>>> Cc: Stephen Barber <smbarber@...omium.org>
>>>> Cc: Julian Scheel <julian@...st.de>
>>>> Cc: alsa-devel@...a-project.org
>>>> Cc: linux-kernel@...r.kernel.org
>>> Sorry for the late reply, as I've been (and still) off.
>>>
>>> Does this bug actually hit on any real devices, or is it only a
>>> logical error so far?  In the former case, a Cc to stable is
>>> mandatory.
>>>
>>> In anyway, I'll review and merge it properly once after I back to
>>> work.
>>>
>>>
>>> thanks,
>>>
>>> Takashi
>> Hello Takashi,
>>
>> Thank you for your answer. I will wait until you are back to work, don't 
>> worry about the late replies.
>>
>> I did not hit the issue on a real device.
>>
>> During my UAC2 experiments, I reproduced this issue on the development 
>> board, and then tested my solution on it.
> OK, if it happened on a development system, it's a real issue, and we
> should put Cc to stable.  Now I applied the patch.
>
> Thanks!
>
>
> Takashi

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ