Oops in sound mixer code, 2.1.79

Philippe Troin (phil@fifi.org)
Sat, 17 Jan 1998 16:52:21 +0800


The attached program will cause an Oops in the sound code.
We should get EFAULT, not an Oops.
Probably an error in drivers/sound/soundcard.c:get_mixer_info(),
which I don't know how to fix :-(
Looks like the address passed is not checked. This also causes old
programs (e.g. mctools-lite's xmixer) compiled against 2.0.x headers to
crash.

Phil.

Attachment: sound-oops.c

#include <sys/ioctl.h>
#include <sys/soundcard.h>
#include <unistd.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>   /* exit() */

int main(void) {
    int mixfd;

    if ((mixfd = open("/dev/mixer", O_RDWR)) < 0) {
        perror("open /dev/mixer");
        exit(1);
    }

    /* Deliberately pass 1, an invalid user-space address, as the argument. */
    ioctl(mixfd, SOUND_OLD_MIXER_INFO, 1);
    exit(0);
    return 0;
}

Attachment: Ooops

Jan 17 16:21:50 ceramic kernel: invalid operand: 0000
Jan 17 16:21:50 ceramic kernel: CPU: 1
Jan 17 16:21:50 ceramic kernel: EIP: 0010:[<c0190900>]
Jan 17 16:21:50 ceramic kernel: EFLAGS: 00010282
Jan 17 16:21:50 ceramic kernel: eax: fffffff2 ebx: 08048550 ecx: 00000030 edx: 00000000
Jan 17 16:21:50 ceramic kernel: esi: 08048550 edi: 80304d65 ebp: 00000002 esp: c27bbf68
Jan 17 16:21:50 ceramic kernel: ds: 0018 es: 0018 ss: 0018
Jan 17 16:21:50 ceramic kernel: Process sound-oops (pid: 1197, process nr: 65, stackpage=c27bb000)
Jan 17 16:21:50 ceramic kernel: Stack: 00000000 08048550 00000000 c0190b08 00000000 80304d65 08048550 c019093c
Jan 17 16:21:50 ceramic kernel:        00000000 08048550 80304d65 4007a800 c0132c3e c0fb6c64 c305c6e0 80304d65
Jan 17 16:21:50 ceramic kernel:        08048550 c27ba000 bffffa74 bffffa3c bffffa78 c27bbfc4 c010a2ba 00000003
Jan 17 16:21:50 ceramic kernel: Call Trace: [<c0190b08>] [<c019093c>] [<c0132c3e>] [<c010a2ba>]
Jan 17 16:21:50 ceramic kernel: Code: ff ff ff 83 c4 08 eb 31 f7 c2 00 00 00 40 74 0a 8b 04 8d ac
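
Added example, not part of the original message or of the kernel sources: a regression probe for the behaviour the report asks for, EFAULT on an unchecked ioctl argument. The call runs in a forked child so the harness survives if the kernel kills the caller; probe_bad_pointer and probe_pipe_control are hypothetical names, and FIONREAD on a pipe is an assumed control case that already returns EFAULT.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/ioctl.h>
#include <sys/wait.h>
#include <unistd.h>
#ifdef __has_include
#if __has_include(<sys/soundcard.h>)
#include <sys/soundcard.h>   /* SOUND_OLD_MIXER_INFO, where OSS headers exist */
#endif
#endif

enum probe { PROBE_EFAULT, PROBE_OTHER_ERRNO, PROBE_SUCCEEDED, PROBE_KILLED, PROBE_ERROR };

/* Hypothetical helper: issue ioctl(fd, req, (void *)1) in a forked child and
 * report how the kernel answered the invalid user-space address. */
enum probe probe_bad_pointer(int fd, unsigned long req)
{
    int status;
    pid_t pid = fork();
    if (pid < 0) return PROBE_ERROR;
    if (pid == 0) {
        if (ioctl(fd, req, (void *)1UL) >= 0)
            _exit(2);                    /* kernel accepted a bogus address */
        _exit(errno == EFAULT ? 0 : 1);  /* 0 = the contract the report expects */
    }
    if (waitpid(pid, &status, 0) < 0) return PROBE_ERROR;
    if (WIFSIGNALED(status)) return PROBE_KILLED;  /* child died, no errno */
    if (WEXITSTATUS(status) == 0) return PROBE_EFAULT;
    return WEXITSTATUS(status) == 2 ? PROBE_SUCCEEDED : PROBE_OTHER_ERRNO;
}

/* Control case: FIONREAD on a pipe stores an int through its argument. */
enum probe probe_pipe_control(void)
{
    int p[2];
    if (pipe(p) < 0) return PROBE_ERROR;
    enum probe r = probe_bad_pointer(p[0], FIONREAD);
    close(p[0]);
    close(p[1]);
    return r;
}

int main(void)
{
    printf("pipe control: %d\n", probe_pipe_control());
#ifdef SOUND_OLD_MIXER_INFO
    int fd = open("/dev/mixer", O_RDWR);
    if (fd >= 0) printf("mixer: %d\n", probe_bad_pointer(fd, SOUND_OLD_MIXER_INFO));
#endif
    return 0;
}
```

A result of 0 (PROBE_EFAULT) is the pass condition; 3 (PROBE_KILLED) means the child was terminated instead of receiving an error code.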