Re: [PATCH] ALSA: firewire-lib: fix wrong value as length of header for CIP_NO_HEADER case

"Gustavo A. R. Silva" <gustavo@xxxxxxxxxxxxxx> · Thu, 25 Jul 2024 10:08:21 -0600

On 25/07/24 09:56, Takashi Sakamoto wrote:
In a commit 1d717123bb1a ("ALSA: firewire-lib: Avoid
-Wflex-array-member-not-at-end warning"), DEFINE_FLEX() macro was used to
handle variable length of array for header field in struct fw_iso_packet
structure. The usage of macro has a side effect that the designated
initializer assigns the count of array to the given field. Therefore
CIP_HEADER_QUADLETS (=2) is assigned to struct fw_iso_packet.header,
while the original designated initializer assigns zero to all fields.

With CIP_NO_HEADER flag, the change causes invalid length of header in
isochronous packet for 1394 OHCI IT context. This bug affects all of
devices supported by ALSA fireface driver; RME Fireface 400, 800, UCX, UFX,
and 802.

This commit fixes the bug by replacing it with the alternative version of
macro which corresponds no initializer.

This change is incomplete. The patch I mention here[1] should also be applied.

BTW, there is one more line that should probably be changed in `struct fw_iso_packet`
to avoid further confusions:

-       u16 payload_length;     /* Length of indirect payload           */
+       u16 payload_length;     /* Size of indirect payload             */

Thanks
--
Gustavo

[1] https://lore.kernel.org/linux-sound/dabb394e-6c85-45a0-bc06-7a45262a9a8c@xxxxxxxxxxxxxx/T/#m0b9b0e7dd4561dc58422cf15df2dbd2ddb44b54b


Cc: <stable@xxxxxxxxxxxxxxx>
Fixes: 1d717123bb1a ("ALSA: firewire-lib: Avoid -Wflex-array-member-not-at-end warning")
Reported-by: Edmund Raile <edmund.raile@xxxxxxxxx>
Closes: https://lore.kernel.org/r/rrufondjeynlkx2lniot26ablsltnynfaq2gnqvbiso7ds32il@qk4r6xps7jh2/
Signed-off-by: Takashi Sakamoto <o-takashi@xxxxxxxxxxxxx>
---
  sound/firewire/amdtp-stream.c | 3 +--
  1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/sound/firewire/amdtp-stream.c b/sound/firewire/amdtp-stream.c
index d35d0a420ee0..1a163bbcabd7 100644
--- a/sound/firewire/amdtp-stream.c
+++ b/sound/firewire/amdtp-stream.c
@@ -1180,8 +1180,7 @@ static void process_rx_packets(struct fw_iso_context *context, u32 tstamp, size_
  		(void)fw_card_read_cycle_time(fw_parent_device(s->unit)->card, &curr_cycle_time);
  
  	for (i = 0; i < packets; ++i) {
-		DEFINE_FLEX(struct fw_iso_packet, template, header,
-			    header_length, CIP_HEADER_QUADLETS);
+		DEFINE_RAW_FLEX(struct fw_iso_packet, template, header, CIP_HEADER_QUADLETS);
  		bool sched_irq = false;
  
  		build_it_pkt_header(s, desc->cycle, template, pkt_header_length,







