Re: [PATCH 4.19 062/125] ALSA: usb-audio: Fix possible NULL dereference at create_yamaha_midi_quirk()

[Pavel Machek]

Hi!

> From: Takashi Iwai <tiwai@xxxxxxx>
> 
> commit 60849562a5db4a1eee2160167e4dce4590d3eafe upstream.
> 
> The previous addition of descriptor validation may lead to a NULL
> dereference at create_yamaha_midi_quirk() when either injd or outjd is
> NULL.  Add proper non-NULL checks.

This is wrong.

> @@ -259,8 +259,8 @@ static int create_yamaha_midi_quirk(stru
>  					NULL, USB_MS_MIDI_OUT_JACK);
>  	if (!injd && !outjd)
>  		return -ENODEV;

Clearly code wants to allow at most one of them to be NULL.

> -	if (!snd_usb_validate_midi_desc(injd) ||
> -	    !snd_usb_validate_midi_desc(outjd))
> +	if (!(injd && snd_usb_validate_midi_desc(injd)) ||
> +	    !(outjd && snd_usb_validate_midi_desc(outjd)))
>  		return -ENODEV;

Yet it will return here if it is. Correct check would be

+     if (!(!injd || snd_usb_validate_midi_desc(injd)) ||
+         !(!outjd || snd_usb_validate_midi_desc(outjd)))

AFAICT.

Best regards,
									Pavel

-- 
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html

Attachment: signature.asc
Description: Digital signature