Re: [PATCH 1/1] staging/speakup/kobjects.c: Code improvement.

From: Chris Brannon
Date: Tue Sep 10 2013 - 21:29:49 EST


Dan Carpenter <dan.carpenter@xxxxxxxxxx> writes:

> Good eye for spotting the memory corruption bug!
>
> This is a bug fix, so the fix should go in a separate patch and not
> merged with a code cleanup patch. Ordinary users can trigger this so
> it's a security bug and separating it out is extra important.

Ok. I just sent up a patch to the driverdev list. I missed a few
of the Cc's that were on this thread, though.
Also, it will conflict with Raphael's cleanup.

> The checking in spk_set_num_var() is not sufficient as well. If we use
> E_INC then we can hit an integer overflow bug:

Good catch. In fact, we shouldn't be using input at all! Instead, we
need to use the value of the voice parameter after it was changed. That
will be a valid index into the two tables. My patch does so.

-- Chris
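
The two points in the message above, as an added example that is not part of the original message or the speakup driver: an increment request is checked for integer overflow before the addition, and the table is indexed with the stored value after the update, never with the raw input. The names `num_var`, `set_num_var`, `select_voice`, `SET_INC` (standing in for E_INC) and `voice_table` are hypothetical.

```c
#include <limits.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical model for illustration; not the speakup driver's code. */
enum set_how { SET_ABS, SET_INC };      /* SET_INC stands in for E_INC */
struct num_var { int value, low, high; };

static const char *const voice_table[] = { "voice0", "voice1", "voice2", "voice3" };
#define N_VOICES ((int)(sizeof(voice_table) / sizeof(voice_table[0])))

/* Returns 0 on success, -1 if the result would overflow or leave [low, high]. */
int set_num_var(struct num_var *v, int input, enum set_how how)
{
    int val;

    if (how == SET_INC) {
        /* Test before adding: value + input must stay representable. */
        if ((input > 0 && v->value > INT_MAX - input) ||
            (input < 0 && v->value < INT_MIN - input))
            return -1;
        val = v->value + input;
    } else {
        val = input;
    }
    if (val < v->low || val > v->high)
        return -1;
    v->value = val;
    return 0;
}

/* Index with the value stored after a successful update, not with input. */
const char *select_voice(struct num_var *v, int input, enum set_how how)
{
    if (set_num_var(v, input, how) != 0)
        return NULL;
    return voice_table[v->value];
}

int main(void)
{
    struct num_var voice = { 1, 0, N_VOICES - 1 };
    const char *s = select_voice(&voice, 2, SET_INC);   /* 1 + 2 = 3 */
    printf("%s\n", s ? s : "rejected");
    s = select_voice(&voice, INT_MAX, SET_INC);         /* would overflow */
    printf("%s\n", s ? s : "rejected");
    return 0;
}
```

In increment mode the raw input is a delta, so it can be negative or unrelated to the final position; only the stored value has passed the range check.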