| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <874jwp6v25.wl-tiwai@suse.de>
Date: Fri, 30 Sep 2022 12:00:34 +0200
From: Takashi Iwai <tiwai@...e.de>
To: "Sabri N. Ferreiro" <snferreiro1@...il.com>
Cc: perex@...ex.cz, tiwai@...e.com, alsa-devel@...a-project.org,
linux-kernel@...r.kernel.org
Subject: Re: general protection fault in release_urbs
On Fri, 30 Sep 2022 11:39:03 +0200,
Takashi Iwai wrote:
>
> On Fri, 30 Sep 2022 11:23:21 +0200,
> Takashi Iwai wrote:
> >
> > On Fri, 30 Sep 2022 04:23:23 +0200,
> > Sabri N. Ferreiro wrote:
> > >
> > > Hi,
> > >
> > > When I used fuzz testing to test Linux kernel 6.0.0-rc6, the kernel
> > > triggered the following error:
> > > HEAD commit: 521a547ced6477c54b4b0cc206000406c221b4d6
> > > git tree: upstream
> >
> > Could you retest with 6.0-rc7 or later?
> > A commit reverting the change might influence on the behavior
> > significantly.
>
> And if it's reproducible on 6.0-rc7, please try the following fix.
... and I believe it's happening no matter which version.
I'm going to submit the proper patch, in anyway.
thanks,
Takashi
>
>
> thanks,
>
> Takashi
>
> -- 8< --
> --- a/sound/usb/endpoint.c
> +++ b/sound/usb/endpoint.c
> @@ -95,12 +95,13 @@ static inline unsigned get_usb_high_speed_rate(unsigned int rate)
> */
> static void release_urb_ctx(struct snd_urb_ctx *u)
> {
> - if (u->buffer_size)
> + if (u->urb && u->buffer_size)
> usb_free_coherent(u->ep->chip->dev, u->buffer_size,
> u->urb->transfer_buffer,
> u->urb->transfer_dma);
> usb_free_urb(u->urb);
> u->urb = NULL;
> + u->buffer_size = 0;
> }
>
> static const char *usb_error_string(int err)
Powered by blists - more mailing lists