From: Leo Famulari <leo@famulari.name>
To: Danny Milosavljevic <dannym@scratchpost.org>
Cc: 40832@debbugs.gnu.org
Subject: bug#40832: alsa-lib cannot find its plugins
Date: Tue, 28 Jul 2020 19:56:23 -0400 [thread overview]
Message-ID: <20200728235623.GA1936@jasmine.lan> (raw)
In-Reply-To: <20200728125241.4ff41418@scratchpost.org>
[-- Attachment #1: Type: text/plain, Size: 2401 bytes --]
On Tue, Jul 28, 2020 at 12:52:41PM +0200, Danny Milosavljevic wrote:
> some comments on the lastest patch:
Thank you for reviewing the patch!
> * The entire alsa-lib seems to use the idiom "malloc and then strcpy", or
> "malloc and then sprintf", or, worse, "malloc, strcpy and multiple strcat".
> These are a buffer overflow waiting to happen (when changing part of those
> while doing ongoing maintenance; also the places where they use "+" is not
> checked for overflow). That said, if they do it, we can do it that way, too.
This confirms what I felt — it's hard to feel confident about the bounds
checking in this code. It seems to be based on the names of the plugin
libraries not exceeding some magic length. It's hard to balance "doing
the right thing" and using upstream's idioms.
When writing the patch, my investigation into the code made decide that
it would not overflow, but now I don't remember why I thought that.
> * The environment variable GUIX_ALSA_PLUGIN_DIRS is only checked if the
> respective file does not exist in alsa-lib. That is not how environment
> variables usually work--it should be possible to override built-in things
> by setting this environment variable, too.
Good point. I don't remember now if I specifically decided to do things
this way or if it was a side effect of where I inserted the new code.
> * Instead of alloca and strcpy, can just use strdupa.
I didn't know about this function, thanks.
> * strtok_r man page states that the first argument should be NULL on the
> non-first calls. You do that already, but maybe add a comment why that
> is done where it's set to NULL.
Right.
> * strtok_r man page states that "On some implementations, *saveptr is required
> to be NULL on the first call to strtok_r() that is being used to parse str.".
> So I'd use "char* saveptr = NULL;"
My Linux 4.16 man pages from Debian don't contain this note. Good to
know!
> * Instead of malloc and sprintf, could just use asprintf. But they don't,
> so let's not either, for easier review. Also, magical value 32... sigh.
> Well, they do it, too.
Right...
> * If GUIX_ALSA_PLUGIN_DIRS contained for example "a:" then it would search
> "a" and "/", right? OK as long as we want that.
I don't remember how it behaves anymore... I'll look into this and
decide.
Thanks again for the review!
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
next prev parent reply other threads:[~2020-07-28 23:57 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-04-24 21:37 bug#40832: Audacity does not work with PulseAudio Leo Famulari
2020-04-24 23:15 ` Leo Famulari
2020-04-25 4:03 ` Leo Famulari
2020-04-26 20:03 ` bug#40832: alsa-lib cannot find its plugins Leo Famulari
2020-04-28 21:25 ` bug#40832: Audacity does not work with PulseAudio Ludovic Courtès
2020-04-28 22:39 ` Leo Famulari
2020-05-08 22:45 ` Leo Famulari
2020-05-09 5:24 ` Leo Famulari
2020-05-16 19:33 ` bug#40832: [PATCH 0/2] Help alsa-lib find its plugins Leo Famulari
2020-05-16 19:34 ` bug#40832: [PATCH 1/2] gnu: alsa-plugins: Add GUIX_ALSA_PLUGIN_DIRS search path specification Leo Famulari
2020-05-16 19:34 ` bug#40832: [PATCH 2/2] gnu: Help alsa-lib find its plugins on foreign distros Leo Famulari
2020-05-17 18:19 ` bug#40832: [PATCH 0/2] Help alsa-lib find its plugins Leo Famulari
2020-07-28 10:52 ` bug#40832: alsa-lib cannot " Danny Milosavljevic
2020-07-28 10:56 ` Danny Milosavljevic
2020-07-28 23:56 ` Leo Famulari
2020-07-28 23:56 ` Leo Famulari [this message]
2020-07-29 11:18 ` Danny Milosavljevic
2020-10-13 16:02 ` Leo Famulari
2021-02-01 20:51 ` Leo Famulari
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200728235623.GA1936@jasmine.lan \
--to=leo@famulari.name \
--cc=40832@debbugs.gnu.org \
--cc=dannym@scratchpost.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).