lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <2024020308-until-overact-a7b1@gregkh>
Date: Sat, 3 Feb 2024 16:03:20 -0800
From: Greg KH <gregkh@...uxfoundation.org>
To: Samuel Thibault <samuel.thibault@...-lyon.org>,
	linux-kernel@...r.kernel.org, speakup@...ux-speakup.org
Subject: Re: [PATCH] speakup: Fix 8bit characters from direct synth

On Sun, Feb 04, 2024 at 12:36:00AM +0100, Samuel Thibault wrote:
> When userland echoes 8bit characters to /dev/synth with e.g.
> 
> echo -e '\xe9' > /dev/synth
> 
> synth_write would get characters beyond 0x7f, and thus negative when
> char is signed.  When given to synth_buffer_add which takes a u16, this
> would sign-extend and produce a U+ffxy character rather than U+xy.
> Users thus get garbled text instead of accents in their output.
> 
> Let's fix this by making sure that we read unsigned characters.
> 
> Signed-off-by: Samuel Thibault <samuel.thibault@...-lyon.org>
> Fixes: 89fc2ae80bb1 ("speakup: extend synth buffer to 16bit unicode characters")
> Cc: stable@...r.kernel.org
> 
> ---
>  drivers/accessibility/speakup/synth.c |    3 ++-
>  1 file changed, 2 insertions(+), 1 deletion(-)
> 
> --- a/drivers/accessibility/speakup/synth.c
> +++ b/drivers/accessibility/speakup/synth.c
> @@ -208,8 +208,9 @@ void spk_do_flush(void)
>  	wake_up_process(speakup_task);
>  }
>  
> -void synth_write(const char *buf, size_t count)
> +void synth_write(const char *_buf, size_t count)
>  {
> +	const unsigned char *buf = (const unsigned char *) _buf;
>  	while (count--)
>  		synth_buffer_add(*buf++);
>  	synth_start();

Nit, I think you need a blank line after the new variable definition.

And why can't we just change these to be u8 instead of "char"?  Wouldn't
that solve this issue overall better?  We made much the same type of
changes to the tty layer recently.

thanks,

greg k-h

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ