lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <28c3fc44-0d4c-25e2-c9f4-d240c6d239f0@canonical.com>
Date:   Thu, 27 Jun 2019 15:01:40 +0100
From:   Colin Ian King <colin.king@...onical.com>
To:     Jaroslav Kysela <perex@...ex.cz>, Takashi Iwai <tiwai@...e.com>,
        alsa-devel@...a-project.org
Cc:     "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: static analysis bug report: ALSA: swapped client and port arguments
 in calls to snd_seq_oss_fill_addr

Hi there,

Static analysis with Coverity has picked up two potential issues with
the call to function snd_seq_oss_fill_addr. The prototype of
snd_seq_oss_fill_addr is as follows:

static inline void
snd_seq_oss_fill_addr(struct seq_oss_devinfo *dp, struct snd_seq_event
*ev,int dest_client, int dest_port)


However, in sound/core/seq/oss/seq_oss_ioctl.c in function
snd_seq_oss_oob_user it is being called as follows:

	 snd_seq_oss_fill_addr(dp, &tmpev, dp->addr.port, dp->addr.client);

and also in sound/core/seq/oss/seq_oss_rw.c in function is it also being
called as follows:

	snd_seq_oss_fill_addr(dp, &event, dp->addr.port, dp->addr.client);

..as one can see, in both cases the port and client arguments are
swapped compared to the function prototype.  I doubt this is intentional
but you never know. Are these bugs?

Colin

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ