Bug#871649: lv2-dev: abuse of non portable pointer of uint8_t type

2017-08-11 Thread Joël Krähemann 
Hi

Code like this might destabilize the operating system and compromise debian.
There is a good reason why glib-2.0 uses void pointers.

Bests,
Joël


On Fri, Aug 11, 2017 at 9:23 PM, Joël Krähemann  wrote:
> Hi
>
> Might be just a programming error. But it is important that you don't point
> uint8_t pointer to a struct.
>
> Might be some language basics missing?
>
> It is the same for atoms. Just use void pointers, please.
>
> Bests,
> Joël
>
>
> On Fri, Aug 11, 2017 at 8:52 PM, Robin Gareus  wrote:
>> Note that the LV2 event extension was deprecated years ago
>> and the last plugins which were using it were /killed/ in 2014.
>>
>> http://lists.lv2plug.in/pipermail/devel-lv2plug.in/2014-January/000642.html
>>
>>
>> As for the bug report itself, changing plugin API specifications
>> post-factum is never a good idea. So uint8_t it is, besides the
>> documentation in event.h makes it clear:
>>
>> /**
>> The contents of the event buffer. This may or may not reside in the
>> same block of memory as this header, plugins must not assume either.
>> The host guarantees this points to at least capacity bytes of allocated
>> memory (though only size bytes of that are valid events).
>> */
>> uint8_t* data;
>>
>>
>> not a bug.
>>
>> On 08/11/2017 08:20 PM, Joël Krähemann wrote:
>>> Hi
>>>
>>> For sure you can cast any pointer. But feels somehow wrong. The
>>> opinion was the specs
>>> are always correct.
>>>
>>> Bests,
>>> Joël
>>>
>>
>> ___
>> pkg-multimedia-maintainers mailing list
>> pkg-multimedia-maintainers@lists.alioth.debian.org
>> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers

___
pkg-multimedia-maintainers mailing list
pkg-multimedia-maintainers@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers

Bug#871649: lv2-dev: abuse of non portable pointer of uint8_t type

2017-08-11 Thread Joël Krähemann 
Hi

Might be just a programming error. But it is important that you don't point
uint8_t pointer to a struct.

Might be some language basics missing?

It is the same for atoms. Just use void pointers, please.

Bests,
Joël


On Fri, Aug 11, 2017 at 8:52 PM, Robin Gareus  wrote:
> Note that the LV2 event extension was deprecated years ago
> and the last plugins which were using it were /killed/ in 2014.
>
> http://lists.lv2plug.in/pipermail/devel-lv2plug.in/2014-January/000642.html
>
>
> As for the bug report itself, changing plugin API specifications
> post-factum is never a good idea. So uint8_t it is, besides the
> documentation in event.h makes it clear:
>
> /**
> The contents of the event buffer. This may or may not reside in the
> same block of memory as this header, plugins must not assume either.
> The host guarantees this points to at least capacity bytes of allocated
> memory (though only size bytes of that are valid events).
> */
> uint8_t* data;
>
>
> not a bug.
>
> On 08/11/2017 08:20 PM, Joël Krähemann wrote:
>> Hi
>>
>> For sure you can cast any pointer. But feels somehow wrong. The
>> opinion was the specs
>> are always correct.
>>
>> Bests,
>> Joël
>>
>
> ___
> pkg-multimedia-maintainers mailing list
> pkg-multimedia-maintainers@lists.alioth.debian.org
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers

___
pkg-multimedia-maintainers mailing list
pkg-multimedia-maintainers@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers

Bug#871649: lv2-dev: abuse of non portable pointer of uint8_t type

2017-08-11 Thread Robin Gareus 
Note that the LV2 event extension was deprecated years ago
and the last plugins which were using it were /killed/ in 2014.

http://lists.lv2plug.in/pipermail/devel-lv2plug.in/2014-January/000642.html


As for the bug report itself, changing plugin API specifications
post-factum is never a good idea. So uint8_t it is, besides the
documentation in event.h makes it clear:

/**
The contents of the event buffer. This may or may not reside in the
same block of memory as this header, plugins must not assume either.
The host guarantees this points to at least capacity bytes of allocated
memory (though only size bytes of that are valid events).
*/
uint8_t* data;


not a bug.

On 08/11/2017 08:20 PM, Joël Krähemann wrote:
> Hi
> 
> For sure you can cast any pointer. But feels somehow wrong. The
> opinion was the specs
> are always correct.
> 
> Bests,
> Joël
> 

___
pkg-multimedia-maintainers mailing list
pkg-multimedia-maintainers@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers

Bug#871649: lv2-dev: abuse of non portable pointer of uint8_t type

2017-08-11 Thread Joël Krähemann 
Hi

For sure you can cast any pointer. But feels somehow wrong. The
opinion was the specs
are always correct.

Bests,
Joël


On Fri, Aug 11, 2017 at 8:12 PM, Jaromír Mikeš  wrote:
>
>
> 2017-08-10 16:23 GMT+02:00 Joël Krähemann :
>>
>> Hi James,
>>
>> It is common that you use for storing uint8_t an entire word.
>> The use of a uint8_t pointer confused me as you are pointing
>> to a struct.
>>
>> Bests,
>> Joël
>>
>>
>> On Thu, Aug 10, 2017 at 4:10 PM, James Cowgill 
>> wrote:
>> > Hi,
>> >
>> > On 10/08/17 08:31, Joël Krähemann wrote:
>> >> Package: lv2-dev
>> >> Version: 1.14.0~dfsg1-1
>> >> Severity: important
>> >>
>> >> Dear Maintainer,
>> >>
>> >> The following header makes use of smallest possible pointer in
>> >> LV2_Event_Buffer struct's data field.
>> >>
>> >> lv2/lv2plug.in/ns/ext/event/event.h
>> >>
>> >> Please change it to biggest possible pointer. It should be definitely
>> >> void* type because the memory
>> >> pointed by data shall contain another struct LV2_Event.
>> >>
>> >> This describes an integer overflow. There shouldn't be any overflow.
>> >
>> > I'm afraid I don't see what the problem is here, or where the integer
>> > overflow is. The data field is casted to an appropriate pointer type
>> > whenever it is used and doing that is portable if you're careful.
>>
>
> Hi Joel,
>
> You still think it is a bug?
> Did you contacted upstream author about this issue already?
>
> best regards
>
> mira
>

___
pkg-multimedia-maintainers mailing list
pkg-multimedia-maintainers@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers

Bug#871649: lv2-dev: abuse of non portable pointer of uint8_t type

2017-08-10 Thread Joël Krähemann 
Hi James,

It is common that you use for storing uint8_t an entire word.
The use of a uint8_t pointer confused me as you are pointing
to a struct.

Bests,
Joël


On Thu, Aug 10, 2017 at 4:10 PM, James Cowgill  wrote:
> Hi,
>
> On 10/08/17 08:31, Joël Krähemann wrote:
>> Package: lv2-dev
>> Version: 1.14.0~dfsg1-1
>> Severity: important
>>
>> Dear Maintainer,
>>
>> The following header makes use of smallest possible pointer in 
>> LV2_Event_Buffer struct's data field.
>>
>> lv2/lv2plug.in/ns/ext/event/event.h
>>
>> Please change it to biggest possible pointer. It should be definitely void* 
>> type because the memory
>> pointed by data shall contain another struct LV2_Event.
>>
>> This describes an integer overflow. There shouldn't be any overflow.
>
> I'm afraid I don't see what the problem is here, or where the integer
> overflow is. The data field is casted to an appropriate pointer type
> whenever it is used and doing that is portable if you're careful.
>
> Thanks,
> James
>

___
pkg-multimedia-maintainers mailing list
pkg-multimedia-maintainers@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers