lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sun, 08 Sep 2013 20:56:43 -0700 From: Chris Brannon <chris@...-brannons.com> To: "Raphael S.Carvalho" <raphael.scarv@...il.com> Cc: William Hubbs <w.d.hubbs@...il.com>, Kirk Reiser <kirk@...sers.ca>, Samuel Thibault <samuel.thibault@...-lyon.org>, Greg Kroah-Hartman <gregkh@...uxfoundation.org>, Andy Shevchenko <andriy.shevchenko@...ux.intel.com>, Andrew Morton <akpm@...ux-foundation.org>, speakup@...ille.uwo.ca, devel@...verdev.osuosl.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH 1/1] staging/speakup/kobjects.c: Code improvement. "Raphael S.Carvalho" <raphael.scarv@...il.com> writes: > + /* > + * If voice was just changed, we might need to reset our default > + * pitch and volume. > + */ > + if (param->var_id == VOICE) { > + spk_reset_default_value("pitch", synth->default_pitch, > + value); > + spk_reset_default_value("vol", synth->default_vol, > + value); There's an "invalid read" bug here. You didn't introduce it; it has been there all along. It's possible that value contains a value that is out of range, in which case, the spk_reset_default_value calls could fetch invalid data. The value of ret should be sufficient for determining whether value is in range, so I'd change the condition of the if statement to this: if (param->var_id == VOICE && ret != -ERANGE) { Or possibly better: if (param->var_id == VOICE && ret == 0) { I'd say please resend with that fix, or if not, I can send a one-line patch to be applied after yours. -- Chris -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists