From 39e6584f1778e90c5f668d4c0c44e03c7efe1f4d6cfc1319f53df0002fa12e49 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cristian=20Rodr=C3=ADguez?= Date: Mon, 8 Dec 2014 05:09:42 +0000 Subject: [PATCH] Accepting request 264172 from home:tiwai:branches:multimedia:libs - Backport upstream fixes: rubustify dB value handling in amixer 0014-amixer-Make-dB-case-insensitive-in-set-commands.patch 0015-amixer-Parse-the-value-more-strictly.patch OBS-URL: https://build.opensuse.org/request/show/264172 OBS-URL: https://build.opensuse.org/package/show/multimedia:libs/alsa-utils?expand=0&rev=110 --- ...-dB-case-insensitive-in-set-commands.patch | 29 ++++++++ ...amixer-Parse-the-value-more-strictly.patch | 67 +++++++++++++++++++ alsa-utils.changes | 7 ++ alsa-utils.spec | 4 ++ 4 files changed, 107 insertions(+) create mode 100644 0014-amixer-Make-dB-case-insensitive-in-set-commands.patch create mode 100644 0015-amixer-Parse-the-value-more-strictly.patch diff --git a/0014-amixer-Make-dB-case-insensitive-in-set-commands.patch b/0014-amixer-Make-dB-case-insensitive-in-set-commands.patch new file mode 100644 index 0000000..eab0fcc --- /dev/null +++ b/0014-amixer-Make-dB-case-insensitive-in-set-commands.patch @@ -0,0 +1,29 @@ +From 45a334e71ca9b4402fb731a934f7455cec5b0121 Mon Sep 17 00:00:00 2001 +From: Takashi Iwai +Date: Sun, 23 Nov 2014 09:40:07 +0100 +Subject: [PATCH 14/15] amixer: Make "dB" case-insensitive in set commands + +We don't have to be necessarily too strict about case-sensitivity of +"dB" suffix used in set commands. + +Signed-off-by: Takashi Iwai +--- + amixer/amixer.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/amixer/amixer.c b/amixer/amixer.c +index cf82892bfa2f..6a2fdb96c62f 100644 +--- a/amixer/amixer.c ++++ b/amixer/amixer.c +@@ -346,7 +346,7 @@ static int set_volume_simple(snd_mixer_elem_t *elem, + if (*p == '%') { + percent = 1; + p++; +- } else if (p[0] == 'd' && p[1] == 'B') { ++ } else if (toupper(p[0]) == 'D' && toupper(p[1]) == 'B') { + vol_type = VOL_DB; + p += 2; + scale = 100; +-- +2.2.0 + diff --git a/0015-amixer-Parse-the-value-more-strictly.patch b/0015-amixer-Parse-the-value-more-strictly.patch new file mode 100644 index 0000000..c3d132e --- /dev/null +++ b/0015-amixer-Parse-the-value-more-strictly.patch @@ -0,0 +1,67 @@ +From 088593c03980209c44a9e9cde19723361d341c0a Mon Sep 17 00:00:00 2001 +From: Takashi Iwai +Date: Sun, 23 Nov 2014 10:04:24 +0100 +Subject: [PATCH 15/15] amixer: Parse the value more strictly + +So far amixer allows some unexpected suffix and assumes as a raw +absolute value without returning an error. This is rather dangerous, +e.g. user might not notice that a completely wrong value was set when +the command line included a typo. + +This patch makes the parser a bit more strict: it doesn't allow any +longer invalid suffixes, instead either returns an error or skips the +invalid value, depending on the operation mode. + +Signed-off-by: Takashi Iwai +--- + amixer/amixer.c | 13 +++++++++++-- + 1 file changed, 11 insertions(+), 2 deletions(-) + +diff --git a/amixer/amixer.c b/amixer/amixer.c +index 6a2fdb96c62f..ed60e7c3a960 100644 +--- a/amixer/amixer.c ++++ b/amixer/amixer.c +@@ -325,7 +325,7 @@ static int set_volume_simple(snd_mixer_elem_t *elem, + long val, orig, pmin, pmax; + char *p = *ptr, *s; + int invalid = 0, percent = 0, err = 0; +- int vol_type = std_vol_type; ++ int vol_type; + double scale = 1.0; + int correct = 0; + +@@ -344,14 +344,19 @@ static int set_volume_simple(snd_mixer_elem_t *elem, + strtol(p, &p, 10); + } + if (*p == '%') { ++ vol_type = std_vol_type; + percent = 1; + p++; + } else if (toupper(p[0]) == 'D' && toupper(p[1]) == 'B') { + vol_type = VOL_DB; + p += 2; + scale = 100; +- } else ++ } else { + vol_type = VOL_RAW; ++ } ++ ++ if (*p && !strchr(",:+-", *p)) ++ invalid = 1; + + val = (long)(strtod(s, NULL) * scale); + if (vol_ops[dir].v[vol_type].get_range(elem, &pmin, &pmax) < 0) +@@ -372,6 +377,10 @@ static int set_volume_simple(snd_mixer_elem_t *elem, + } + p++; + } ++ ++ if (*p && !strchr(",:", *p)) ++ invalid = 1; ++ + if (! invalid) { + val = check_range(val, pmin, pmax); + err = vol_ops[dir].v[vol_type].set(elem, chn, val, correct); +-- +2.2.0 + diff --git a/alsa-utils.changes b/alsa-utils.changes index 52247c4..079bfeb 100644 --- a/alsa-utils.changes +++ b/alsa-utils.changes @@ -1,3 +1,10 @@ +------------------------------------------------------------------- +Fri Dec 5 16:54:03 CET 2014 - tiwai@suse.de + +- Backport upstream fixes: rubustify dB value handling in amixer + 0014-amixer-Make-dB-case-insensitive-in-set-commands.patch + 0015-amixer-Parse-the-value-more-strictly.patch + ------------------------------------------------------------------- Fri Oct 17 11:58:05 CEST 2014 - tiwai@suse.de diff --git a/alsa-utils.spec b/alsa-utils.spec index 8e8d45f..a35bb74 100644 --- a/alsa-utils.spec +++ b/alsa-utils.spec @@ -58,6 +58,8 @@ Patch10: 0010-speaker-text-fix-simple-signess-assignment-warning.patch Patch11: 0011-monitor-fix-clang-warning-Declared-variable-length-a.patch Patch12: 0012-alsactl-coverity-missing_va_end-va_end-was-not-calle.patch Patch13: 0013-Revert-aplay-fix-pcm_read-return-value.patch +Patch14: 0014-amixer-Make-dB-case-insensitive-in-set-commands.patch +Patch15: 0015-amixer-Parse-the-value-more-strictly.patch # Patch99: alsa-utils-gettext-version-removal.diff BuildRequires: alsa-devel @@ -98,6 +100,8 @@ sed -i -e's/EXTRA_DIST= config.rpath /EXTRA_DIST=/' Makefile.am %patch11 -p1 %patch12 -p1 %patch13 -p1 +%patch14 -p1 +%patch15 -p1 # %if 0%{?suse_version} < 1020 %patch99 -p1