lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 23 Jun 2022 18:11:40 +0900
From:   유용수 <yongsuyoo0215@...il.com>
To:     Hans Petter Selasky <hps@...asky.org>
Cc:     Kieran Bingham <kieran.bingham@...asonboard.com>,
        linux-kernel@...r.kernel.org, linux-media@...r.kernel.org,
        mchehab@...nel.org
Subject: Re: [PATCH] media: dvb_ringbuffer : Fix a bug in dvb_ringbuffer.c

Dear Kieran Bingham

I sent E-mail again by Linux terminal by using the command " ... git
send-email .."
I believe that you will surely get the diff file.

Thank you

2022년 6월 22일 (수) 오후 10:12, Hans Petter Selasky <hps@...asky.org>님이 작성:
>
> Hi Kieran,
>
> The consumed variable should not be negative. This bug has been there
> since the beginning of the GIT at Linux from what I can see.
>
> +1
>
> --HPS
>
>  From 108c6acb2cc4bc4314b96f6f254a04b2873a096c Mon Sep 17 00:00:00 2001
> From: YongSu Yoo <yongsuyoo0215@...il.com>
> Date: Sun, 22 May 2022 04:53:12 +0000
> Subject: [PATCH] media: dvb_ringbuffer : Fix a bug in dvb_ringbuffer.c
>
> Signed-off-by:Yongsu Yoo <yongsuyoo0215@...il.com>
>
> The function dvb_ringbuffer_pkt_next in
> /linux-next/drviers/media/dvb-core/dvb_ringbuffer.c,
> which searches the idx of the next valid packet in the ring
> buffer of the ca->slot_info[slot].rx_buffer at
> /linux-next/drivers/media/dvb-core/dvb_ca_en50221.c,
> has the following problem.
> In calculating the amounts of the consumed address of the ring
> buffer, if the read address(rbuf->pread) of the ring buffer is
> smaller than the idx, the amounts of the searched address
> should be (idx - rbuf->pread),
> whereas if the read address(rbuf->pread) of the ring buffer is
> larger than the idx, the amounts of the consumed address should
> be (idx - rbuf->pread + rbug->size). But there exists an
> incorrect logic that the rbug-size was not properly added on
> (idx - rbug->pread) in the later case. With this commit, we
> fixed this bug.
> ---
>   drivers/media/dvb-core/dvb_ringbuffer.c | 4 +++-
>   1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/media/dvb-core/dvb_ringbuffer.c
> b/drivers/media/dvb-core/dvb_ringbuffer.c
> index d1d471af0636..7d4558de8e83 100644
> --- a/drivers/media/dvb-core/dvb_ringbuffer.c
> +++ b/drivers/media/dvb-core/dvb_ringbuffer.c
> @@ -335,7 +335,9 @@ ssize_t dvb_ringbuffer_pkt_next(struct
> dvb_ringbuffer *rbuf, size_t idx, size_t*
>                 idx = (idx + curpktlen + DVB_RINGBUFFER_PKTHDRSIZE) % rbuf->size;
>         }
>
> -       consumed = (idx - rbuf->pread) % rbuf->size;
> +       consumed = (idx - rbuf->pread);
> +       if (consumed < 0)
> +               consumed += rbuf->size;
>
>         while((dvb_ringbuffer_avail(rbuf) - consumed) >
> DVB_RINGBUFFER_PKTHDRSIZE) {
>
> --
> 2.17.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ