From: Takashi Iwai <tiwai@suse.de>
To: Oswald Buddenhagen <oswald.buddenhagen@gmx.de>
Cc: alsa-devel@alsa-project.org, Jaroslav Kysela <perex@perex.cz>
Subject: Re: [PATCH 07/14] ALSA: emu10k1: properly assert DSP init constraints
Date: Fri, 12 May 2023 09:15:17 +0200 [thread overview]
Message-ID: <87a5yaaum2.wl-tiwai@suse.de> (raw)
In-Reply-To: <20230510173917.3073107-8-oswald.buddenhagen@gmx.de>
On Wed, 10 May 2023 19:39:10 +0200,
Oswald Buddenhagen wrote:
>
> If these are hit, we've already trashed kernel memory by writing past
> the end of the allocated buffer. There is no recovery from that.
>
> Signed-off-by: Oswald Buddenhagen <oswald.buddenhagen@gmx.de>
> ---
> v2:
> - slightly more verbose description
Again, this is NAK. First of all, if we really do care the overflow
seriously, we should check at each increment instead of after
breakage. It shouldn't be too difficult at all.
Second, using BUG_ON() like this case is an overkill. It was clearly
stated by Linus in the past a few times (although I can't find the
source right now).
thanks,
Takashi
> ---
> sound/pci/emu10k1/emufx.c | 21 +++++----------------
> 1 file changed, 5 insertions(+), 16 deletions(-)
>
> diff --git a/sound/pci/emu10k1/emufx.c b/sound/pci/emu10k1/emufx.c
> index 2da1f9f1fb5a..5ae275d87c59 100644
> --- a/sound/pci/emu10k1/emufx.c
> +++ b/sound/pci/emu10k1/emufx.c
> @@ -1668,22 +1668,19 @@ A_OP(icode, &ptr, iMAC0, A_GPR(var), A_GPR(var), A_GPR(vol), A_EXTIN(input))
> * ok, set up done..
> */
>
> - if (gpr > tmp) {
> - snd_BUG();
> - err = -EIO;
> - goto __err;
> - }
> + BUG_ON(gpr > tmp);
> + BUG_ON(nctl > SND_EMU10K1_GPR_CONTROLS);
> +
> /* clear remaining instruction memory */
> while (ptr < 0x400)
> A_OP(icode, &ptr, 0x0f, 0xc0, 0xc0, 0xcf, 0xc0);
>
> icode->gpr_add_control_count = nctl;
> icode->gpr_add_controls = controls;
> emu->support_tlv = 1; /* support TLV */
> err = snd_emu10k1_icode_poke(emu, icode, true);
> emu->support_tlv = 0; /* clear again */
>
> -__err:
> kfree(controls);
> __err_ctrls:
> kfree(icode->gpr_map);
> @@ -2272,16 +2269,8 @@ static int _snd_emu10k1_init_efx(struct snd_emu10k1 *emu)
> }
>
>
> - if (gpr > tmp) {
> - snd_BUG();
> - err = -EIO;
> - goto __err;
> - }
> - if (i > SND_EMU10K1_GPR_CONTROLS) {
> - snd_BUG();
> - err = -EIO;
> - goto __err;
> - }
> + BUG_ON(gpr > tmp);
> + BUG_ON(i > SND_EMU10K1_GPR_CONTROLS);
>
> /* clear remaining instruction memory */
> while (ptr < 0x200)
> --
> 2.40.0.152.g15d061e6df
>
next prev parent reply other threads:[~2023-05-12 7:16 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-05-10 17:39 [PATCH 00/14] ALSA: emu10k1: various improvements to the DSP-based mixer code Oswald Buddenhagen
2023-05-10 17:39 ` [PATCH 01/14] ALSA: emu10k1: make tone control switch mono Oswald Buddenhagen
2023-05-10 17:39 ` [PATCH 02/14] ALSA: emu10k1: roll up loops in DSP setup code for Audigy Oswald Buddenhagen
2023-05-10 17:39 ` [PATCH 03/14] ALSA: emu10k1: fix+optimize E-MU stereo capture DSP code Oswald Buddenhagen
2023-05-10 17:39 ` [PATCH 04/14] ALSA: emu10k1: simplify snd_emu10k1_audigy_dsp_convert_32_to_2x16() Oswald Buddenhagen
2023-05-10 17:39 ` [PATCH 05/14] ALSA: emu10k1: apply channel delay hack to all E-MU cards Oswald Buddenhagen
2023-05-10 17:39 ` [PATCH 06/14] ALSA: emu10k1: simplify tone control switch DSP code Oswald Buddenhagen
2023-05-10 17:39 ` [PATCH 07/14] ALSA: emu10k1: properly assert DSP init constraints Oswald Buddenhagen
2023-05-12 7:15 ` Takashi Iwai [this message]
2023-05-12 9:25 ` Oswald Buddenhagen
2023-05-12 9:59 ` Takashi Iwai
2023-05-10 17:39 ` [PATCH 08/14] ALSA: emu10k1: polish audigy GPR allocation Oswald Buddenhagen
2023-05-10 17:39 ` [PATCH 09/14] ALSA: emu10k1: fix non-zero mixer control defaults in highres mode Oswald Buddenhagen
2023-05-10 17:39 ` [PATCH 10/14] ALSA: emu10k1: validate min/max values of translated controls Oswald Buddenhagen
2023-05-10 17:39 ` [PATCH 11/14] ALSA: emu10k1: omit non-applicable mixer controls for E-MU cards Oswald Buddenhagen
2023-05-10 17:39 ` [PATCH 12/14] ALSA: emu10k1: skip mic capture PCM for cards without AC97 codec Oswald Buddenhagen
2023-05-10 17:39 ` [PATCH 13/14] ALSA: emu10k1: enable bit-exact playback, part 1: DSP attenuation Oswald Buddenhagen
2023-05-10 17:39 ` [PATCH 14/14] ALSA: emu10k1: enable bit-exact playback, part 2: voice attenuation Oswald Buddenhagen
2023-05-12 7:21 ` [PATCH 00/14] ALSA: emu10k1: various improvements to the DSP-based mixer code Takashi Iwai
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87a5yaaum2.wl-tiwai@suse.de \
--to=tiwai@suse.de \
--cc=alsa-devel@alsa-project.org \
--cc=oswald.buddenhagen@gmx.de \
--cc=perex@perex.cz \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.