[sane-devel] Problem with libusb and 64 bits 2.6.25 kernel

Nicolas nicolas.martin at freesurf.fr
Tue Jun 24 19:26:32 UTC 2008 

Ok, then I propose to commit this patch to CVS, but I agree, libusb64
behavior is here pretty wierd...

Concerning potential buffer overflow risk in this function, raised by
Sam, could be possible to add a couple of lines in here, to reject too
many bytes read:

      error = pixma_read (s->io, data, chunksize);
      if (error < 0)
        return count;
      count += error;
      data += error;
+      chunksize = error;
+      if (chunksize > size)
+        return PIXMA_EIO;
      size -= error;
    }
  return count;
}

Sam, worth a try with these lines ? 
(I attached the patch from CVS to this post)

Nicolas


So unless I'm wrong, 

Le lundi 23 juin 2008 à 21:53 -0700, Dennis Lou a écrit :
> Right now my build system is acting a bit screwy.  I started working 
> on another USB device and now xsane isn't working, so I think I messed 
> something up and am not currently set up to do sane development at the moment.
> 
> In any case, I took a look at the patch.  Basically, it's a one-liner that 
> changes the minimum block size from 512 to the remainder.  The reason I chose a 
> 512 byte minimum block size is that the Windows driver does it that way, so I imitated.  
> If the patch works in 64bit libusb, it looks to me that it would likely work in 32bit as well.  
> However, it may take me a few days to rebuild my sane development environment and confirm.
> 
> My recollection of the USB spec is a bit hazy, but 64bit libusb behavior doesn't seem correct to me.
> 
> -Dennis
> 
> ----- Original Message ----
> From: Nicolas <nicolas.martin at freesurf.fr>
> To: Dennis Lou <dlou99 at yahoo.com>
> Cc: mrsam-guest at alioth.debian.org; sane-devel <sane-devel at lists.alioth.debian.org>
> Sent: Saturday, June 21, 2008 9:07:56 AM
> Subject: Re: [sane-devel] Problem with libusb and 64 bits 2.6.25 kernel
> 
> Hi Dennis, 
> 
> A bug was opened a while back by Sam Varshavchik, concerning the pixma
> backend for Canon ImageClass MF-4270, when compiled and used on a 64
> bits platform (no issue so far on 32 bits), details are given here:
> 
> https://alioth.debian.org/tracker/?group_id=30186&atid=410366&func=detail&aid=310861
> 
> We shared with Sam some info to try to locate the origin, which looked
> to be related to the 64 bits libusb. 
> 
> Sam has performed investigations since then, his conclusions spot on
> that 32 and 64 bits libusb behave slightly differently when reading data
> from USB, more precisely, the 64 bits libusb seems to expect an exact
> count of bytes to read (but not 32 bits libusb), and fails (timeout) if
> such count is not satisfied.
> 
> Sam, in his last post on the bug report page, proposes a patch, which
> looks to me fine for both 32 and 64 bits, and impacts only the
> ImageClass part of the backend. 
> 
> Dennis, If you don't mind, could you also have a look and give a try, so
> that we can commit into CVS.
> 
> Nicolas
> 
> 
>       
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ovfl-24-06-2008.diff
Type: text/x-patch
Size: 682 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/sane-devel/attachments/20080624/95c455cd/attachment.bin

More information about the sane-devel mailing list