Re: static analysis bug report: ALSA: swapped client and port arguments in calls to snd_seq_oss_fill_addr

[Takashi Iwai]

On Thu, 27 Jun 2019 16:01:40 +0200,
Colin Ian King wrote:
> 
> Hi there,
> 
> Static analysis with Coverity has picked up two potential issues with
> the call to function snd_seq_oss_fill_addr. The prototype of
> snd_seq_oss_fill_addr is as follows:
> 
> static inline void
> snd_seq_oss_fill_addr(struct seq_oss_devinfo *dp, struct snd_seq_event
> *ev,int dest_client, int dest_port)
> 
> 
> However, in sound/core/seq/oss/seq_oss_ioctl.c in function
> snd_seq_oss_oob_user it is being called as follows:
> 
> 	 snd_seq_oss_fill_addr(dp, &tmpev, dp->addr.port, dp->addr.client);
> 
> and also in sound/core/seq/oss/seq_oss_rw.c in function is it also being
> called as follows:
> 
> 	snd_seq_oss_fill_addr(dp, &event, dp->addr.port, dp->addr.client);
> 
> ..as one can see, in both cases the port and client arguments are
> swapped compared to the function prototype.  I doubt this is intentional
> but you never know. Are these bugs?

That's a clear bug, the order should be (client, port), so it's bugs
in the caller side.  They are rare use case, so probably no one really
hits or is annoyed -- the latter is a note-off just to be sure, and
the former is a special ioctl probably that has been never used :)

In anyway, would you send me a fix patch?


Thanks!

Takashi

> 
> Colin
>