| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 10 Aug 2011 17:33:02 +0200
From: Daniel Mack <zonque@...il.com>
To: Alan Stern <stern@...land.harvard.edu>
CC: Florian Mickler <florian@...kler.org>,
Oliver Neukum <oliver@...kum.org>, linux-usb@...r.kernel.org,
alsa-devel@...a-project.org, Takashi Iwai <tiwai@...e.de>,
Clemens Ladisch <clemens@...isch.de>, pedrib@...il.com,
William Light <wrl@...est.net>, Greg KH <greg@...ah.com>,
linux-kernel@...r.kernel.org, Robert Hancock <hancockrwd@...il.com>
Subject: Re: Allocating buffers for USB transfers (again)
On 08/10/2011 04:32 PM, Alan Stern wrote:
> Looking at the driver's current code, it appears that your patch
> does not fix the bug properly. Using discontiguous regions in the
> transfer buffer is perfectly okay. The real problem is later on,
> where you do:
>
> if (send_it) { out->number_of_packets = FRAMES_PER_URB;
>
> This should be
>
> out->number_of_packets = outframe;
>
> The way it is now, the USB stack will try to use data from all the
> frame descriptors, and the last few will be stale because the loop
> doesn't set them.
That's actually true, even though it doesn't seem to cause any trouble.
I tested everything here of course, and the output URBs return back from
the USB stack with their length fields zeroed out, which then
causes the stack to send packets with zero-length fields at the end.
However, doing it right doesn't harm either. Thanks for spotting.
Takashi, can you apply this version?
Thanks,
Daniel
View attachment "0001-ALSA-snd-usb-caiaq-Correct-offset-fields-of-outbound.patch" of type "text/plain" (1796 bytes)
Powered by blists - more mailing lists