lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date:   Tue, 19 Dec 2017 09:11:04 +0530
From:   Satendra Singh Thakur <satendra.t@...sung.com>
To:     linux-kernel@...r.kernel.org, linux-media@...r.kernel.org
Cc:     pawel@...iak.com, m.szyprowski@...sung.com,
        kyungmin.park@...sung.com, mchehab@...nel.org,
        satendra.t@...sung.com, madhur.verma@...sung.com,
        hemanshu.s@...sung.com, sst2005@...il.com
Subject: [PATCH] [VB2-CORE] Fixed bug about unnecessary calls to queue
 cancel and free

-When the func vb2_core_reqbufs is called first time after
 vb2_core_queue_init, the condition q->memory != memory
 always gets satisfied since q->memory = 0 in
 vb2_core_queue_init.
-After the condition is true,
 unnecessary calls to __vb2_queue_cancel and
 __vb2_queue_free are done
-In such case, *count is non-zero, q->num_buffers is zero
 and q->memory is 0 which is not equal to  memory field
 *count=N, q->num_buffers=0, q->memory != memory

Signed-off-by: Satendra Singh Thakur <satendra.t@...sung.com>
---
 drivers/media/v4l2-core/videobuf2-core.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/drivers/media/v4l2-core/videobuf2-core.c b/drivers/media/v4l2-core/videobuf2-core.c
index a8589d9..b1140d5 100644
--- a/drivers/media/v4l2-core/videobuf2-core.c
+++ b/drivers/media/v4l2-core/videobuf2-core.c
@@ -662,7 +662,8 @@ int vb2_core_reqbufs(struct vb2_queue *q, enum vb2_memory memory,
 		return -EBUSY;
 	}
 
-	if (*count == 0 || q->num_buffers != 0 || q->memory != memory) {
+	if (*count == 0 || q->num_buffers != 0 ||
+		(q->memory && q->memory != memory)) {
 		/*
 		 * We already have buffers allocated, so first check if they
 		 * are not in use and can be freed.
-- 
2.7.4

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ