[{"id":16095,"web_url":"https://patchwork.libcamera.org/comment/16095/","msgid":"<YGeuc8Zx/neqkETY@pendragon.ideasonboard.com>","date":"2021-04-02T23:53:23","subject":"Re: [libcamera-devel] [PATCH v3 2/2] android: CameraDevice: Add\n\tmore camera3_capture_request validation","submitter":{"id":2,"url":"https://patchwork.libcamera.org/api/people/2/","name":"Laurent Pinchart","email":"laurent.pinchart@ideasonboard.com"},"content":"Hi Hiro,\n\nThank you for the patch.\n\nOn Fri, Apr 02, 2021 at 11:44:52AM +0900, Hirokazu Honda wrote:\n> This adds more validation to camera3_capture_request mainly\n> about buffer_handle values.\n> \n> Signed-off-by: Hirokazu Honda <hiroh@chromium.org>\n> ---\n>  src/android/camera_device.cpp | 29 +++++++++++++++++++++++++++--\n>  1 file changed, 27 insertions(+), 2 deletions(-)\n> \n> diff --git a/src/android/camera_device.cpp b/src/android/camera_device.cpp\n> index 988c1fd5..8b6032fc 100644\n> --- a/src/android/camera_device.cpp\n> +++ b/src/android/camera_device.cpp\n> @@ -263,11 +263,36 @@ bool isValidRequest(camera3_capture_request_t *camera3Request)\n>  \t\treturn false;\n>  \t}\n>  \n> -\tif (!camera3Request->num_output_buffers) {\n> +\tif (!camera3Request->num_output_buffers ||\n> +\t    !camera3Request->output_buffers) {\n>  \t\tLOG(HAL, Error) << \"No output buffers provided\";\n>  \t\treturn false;\n>  \t}\n>  \n> +\tfor (uint32_t i = 0; i < camera3Request->num_output_buffers; i++) {\n> +\t\tconst camera3_stream_buffer_t &outputBuffer =\n> +\t\t\tcamera3Request->output_buffers[i];\n> +\t\tif (!outputBuffer.buffer || !(*outputBuffer.buffer)) {\n\nI wonder why camera3_stream_buffer_t.buffer is a buffer_handle_t *\ninstead of a buffer_handle_t, given that buffer_handle_t is itself an\nalias for native_handle_t *. An API design oversight maybe, or do you\nknow if there's a reason ?\n\n> +\t\t\tLOG(HAL, Error) << \"Invalid native handle\";\n> +\t\t\treturn false;\n> +\t\t}\n> +\n> +\t\tconst native_handle_t *handle = *outputBuffer.buffer;\n> +\t\tconstexpr int kNativeHandleMaxFds = 1024;\n> +\t\tif (handle->numFds < 0 || handle->numFds > kNativeHandleMaxFds) {\n> +\t\t\tLOG(HAL, Error) << \"Invalid number of fds: \"\n> +\t\t\t\t\t<< handle->numFds;\n> +\t\t\treturn false;\n> +\t\t}\n> +\n> +\t\tconstexpr int kNativeHandleMaxInts = 1024;\n> +\t\tif (handle->numInts < 0 || handle->numInts > kNativeHandleMaxInts) {\n> +\t\t\tLOG(HAL, Error) << \"Invalid number of data: \"\n\ns/data/ints/\n\n> +\t\t\t\t\t<< handle->numInts;\n\nShould we give a bit more context though, to make the error message more\nexplicit ? Something along the lines of\n\n\t\t\tLOG(HAL, Error)\n\t\t\t\t<< \"Invalid number of data (\" << handle->numInts\n\t\t\t\t<< \") in buffer \" << i;\n\nSame for the fds.\n\n> +\t\t\treturn false;\n> +\t\t}\n> +\t}\n> +\n>  \treturn true;\n>  }\n>  \n> @@ -1800,7 +1825,7 @@ int CameraDevice::processControls(Camera3RequestDescriptor *descriptor)\n>  \n>  int CameraDevice::processCaptureRequest(camera3_capture_request_t *camera3Request)\n>  {\n> -\tif (isValidRequest(camera3Request))\n> +\tif (!isValidRequest(camera3Request))\n\nThis belongs to the previous patch.\n\nWith these small issues addressed,\n\nReviewed-by: Laurent Pinchart <laurent.pinchart@ideasonboard.com>\n\n>  \t\treturn -EINVAL;\n>  \n>  \t/* Start the camera if that's the first request we handle. */","headers":{"Return-Path":"<libcamera-devel-bounces@lists.libcamera.org>","X-Original-To":"parsemail@patchwork.libcamera.org","Delivered-To":"parsemail@patchwork.libcamera.org","Received":["from lancelot.ideasonboard.com (lancelot.ideasonboard.com\n\t[92.243.16.209])\n\tby patchwork.libcamera.org (Postfix) with ESMTPS id 0CD74BD695\n\tfor <parsemail@patchwork.libcamera.org>;\n\tFri,  2 Apr 2021 23:54:10 +0000 (UTC)","from lancelot.ideasonboard.com (localhost [IPv6:::1])\n\tby lancelot.ideasonboard.com (Postfix) with ESMTP id 7D46C602CF;\n\tSat,  3 Apr 2021 01:54:09 +0200 (CEST)","from perceval.ideasonboard.com (perceval.ideasonboard.com\n\t[IPv6:2001:4b98:dc2:55:216:3eff:fef7:d647])\n\tby lancelot.ideasonboard.com (Postfix) with ESMTPS id 57516602CF\n\tfor <libcamera-devel@lists.libcamera.org>;\n\tSat,  3 Apr 2021 01:54:08 +0200 (CEST)","from pendragon.ideasonboard.com (62-78-145-57.bb.dnainternet.fi\n\t[62.78.145.57])\n\tby perceval.ideasonboard.com (Postfix) with ESMTPSA id B874E3D7;\n\tSat,  3 Apr 2021 01:54:07 +0200 (CEST)"],"Authentication-Results":"lancelot.ideasonboard.com;\n\tdkim=fail reason=\"signature verification failed\" (1024-bit key;\n\tunprotected) header.d=ideasonboard.com header.i=@ideasonboard.com\n\theader.b=\"I9cKdaFi\"; dkim-atps=neutral","DKIM-Signature":"v=1; a=rsa-sha256; c=relaxed/simple; d=ideasonboard.com;\n\ts=mail; t=1617407647;\n\tbh=3+OMb5qyE5+CMMqzpLJNBicdWoqvYgESeMxrWJBkCNU=;\n\th=Date:From:To:Cc:Subject:References:In-Reply-To:From;\n\tb=I9cKdaFiS8xtMQ9uSVbd0NqIGJNcWE6XXk5e+Yh8xbpN70z046mBki8sO8vzu1LNB\n\tli00n2cuzZSpkgXNC4Yo4/w4oslB9G+u4Fl54InI2kJd1nFDQK2G7D6MMtQP7ceUlW\n\td+ozjIkqZezY5o8NoTqTsa2fNroVEzF/eb91TvZ8=","Date":"Sat, 3 Apr 2021 02:53:23 +0300","From":"Laurent Pinchart <laurent.pinchart@ideasonboard.com>","To":"Hirokazu Honda <hiroh@chromium.org>","Message-ID":"<YGeuc8Zx/neqkETY@pendragon.ideasonboard.com>","References":"<20210402024452.1308253-1-hiroh@chromium.org>\n\t<20210402024452.1308253-2-hiroh@chromium.org>","MIME-Version":"1.0","Content-Disposition":"inline","In-Reply-To":"<20210402024452.1308253-2-hiroh@chromium.org>","Subject":"Re: [libcamera-devel] [PATCH v3 2/2] android: CameraDevice: Add\n\tmore camera3_capture_request validation","X-BeenThere":"libcamera-devel@lists.libcamera.org","X-Mailman-Version":"2.1.29","Precedence":"list","List-Id":"<libcamera-devel.lists.libcamera.org>","List-Unsubscribe":"<https://lists.libcamera.org/options/libcamera-devel>,\n\t<mailto:libcamera-devel-request@lists.libcamera.org?subject=unsubscribe>","List-Archive":"<https://lists.libcamera.org/pipermail/libcamera-devel/>","List-Post":"<mailto:libcamera-devel@lists.libcamera.org>","List-Help":"<mailto:libcamera-devel-request@lists.libcamera.org?subject=help>","List-Subscribe":"<https://lists.libcamera.org/listinfo/libcamera-devel>,\n\t<mailto:libcamera-devel-request@lists.libcamera.org?subject=subscribe>","Cc":"libcamera-devel@lists.libcamera.org","Content-Type":"text/plain; charset=\"us-ascii\"","Content-Transfer-Encoding":"7bit","Errors-To":"libcamera-devel-bounces@lists.libcamera.org","Sender":"\"libcamera-devel\" <libcamera-devel-bounces@lists.libcamera.org>"}},{"id":16113,"web_url":"https://patchwork.libcamera.org/comment/16113/","msgid":"<CAO5uPHNLPiicXcs=WSxCHQy6YpoykE8_90y2bh04B0On0TKSaA@mail.gmail.com>","date":"2021-04-03T13:38:19","subject":"Re: [libcamera-devel] [PATCH v3 2/2] android: CameraDevice: Add\n\tmore camera3_capture_request validation","submitter":{"id":63,"url":"https://patchwork.libcamera.org/api/people/63/","name":"Hirokazu Honda","email":"hiroh@chromium.org"},"content":"Hi Laurent, thanks for reviewing.\n\nOn Sat, Apr 3, 2021 at 8:54 AM Laurent Pinchart\n<laurent.pinchart@ideasonboard.com> wrote:\n>\n> Hi Hiro,\n>\n> Thank you for the patch.\n>\n> On Fri, Apr 02, 2021 at 11:44:52AM +0900, Hirokazu Honda wrote:\n> > This adds more validation to camera3_capture_request mainly\n> > about buffer_handle values.\n> >\n> > Signed-off-by: Hirokazu Honda <hiroh@chromium.org>\n> > ---\n> >  src/android/camera_device.cpp | 29 +++++++++++++++++++++++++++--\n> >  1 file changed, 27 insertions(+), 2 deletions(-)\n> >\n> > diff --git a/src/android/camera_device.cpp b/src/android/camera_device.cpp\n> > index 988c1fd5..8b6032fc 100644\n> > --- a/src/android/camera_device.cpp\n> > +++ b/src/android/camera_device.cpp\n> > @@ -263,11 +263,36 @@ bool isValidRequest(camera3_capture_request_t *camera3Request)\n> >               return false;\n> >       }\n> >\n> > -     if (!camera3Request->num_output_buffers) {\n> > +     if (!camera3Request->num_output_buffers ||\n> > +         !camera3Request->output_buffers) {\n> >               LOG(HAL, Error) << \"No output buffers provided\";\n> >               return false;\n> >       }\n> >\n> > +     for (uint32_t i = 0; i < camera3Request->num_output_buffers; i++) {\n> > +             const camera3_stream_buffer_t &outputBuffer =\n> > +                     camera3Request->output_buffers[i];\n> > +             if (!outputBuffer.buffer || !(*outputBuffer.buffer)) {\n>\n> I wonder why camera3_stream_buffer_t.buffer is a buffer_handle_t *\n> instead of a buffer_handle_t, given that buffer_handle_t is itself an\n> alias for native_handle_t *. An API design oversight maybe, or do you\n> know if there's a reason ?\n>\n\nYeah, I am confused by it. I have no idea about the reason..\n\n> > +                     LOG(HAL, Error) << \"Invalid native handle\";\n> > +                     return false;\n> > +             }\n> > +\n> > +             const native_handle_t *handle = *outputBuffer.buffer;\n> > +             constexpr int kNativeHandleMaxFds = 1024;\n> > +             if (handle->numFds < 0 || handle->numFds > kNativeHandleMaxFds) {\n> > +                     LOG(HAL, Error) << \"Invalid number of fds: \"\n> > +                                     << handle->numFds;\n> > +                     return false;\n> > +             }\n> > +\n> > +             constexpr int kNativeHandleMaxInts = 1024;\n> > +             if (handle->numInts < 0 || handle->numInts > kNativeHandleMaxInts) {\n> > +                     LOG(HAL, Error) << \"Invalid number of data: \"\n>\n> s/data/ints/\n>\n> > +                                     << handle->numInts;\n>\n> Should we give a bit more context though, to make the error message more\n> explicit ? Something along the lines of\n>\n>                         LOG(HAL, Error)\n>                                 << \"Invalid number of data (\" << handle->numInts\n>                                 << \") in buffer \" << i;\n>\n> Same for the fds.\n>\n> > +                     return false;\n> > +             }\n> > +     }\n> > +\n> >       return true;\n> >  }\n> >\n> > @@ -1800,7 +1825,7 @@ int CameraDevice::processControls(Camera3RequestDescriptor *descriptor)\n> >\n> >  int CameraDevice::processCaptureRequest(camera3_capture_request_t *camera3Request)\n> >  {\n> > -     if (isValidRequest(camera3Request))\n> > +     if (!isValidRequest(camera3Request))\n>\n> This belongs to the previous patch.\n>\n> With these small issues addressed,\n>\n> Reviewed-by: Laurent Pinchart <laurent.pinchart@ideasonboard.com>\n>\n> >               return -EINVAL;\n> >\n> >       /* Start the camera if that's the first request we handle. */\n>\n> --\n> Regards,\n>\n> Laurent Pinchart","headers":{"Return-Path":"<libcamera-devel-bounces@lists.libcamera.org>","X-Original-To":"parsemail@patchwork.libcamera.org","Delivered-To":"parsemail@patchwork.libcamera.org","Received":["from lancelot.ideasonboard.com (lancelot.ideasonboard.com\n\t[92.243.16.209])\n\tby patchwork.libcamera.org (Postfix) with ESMTPS id DF023BD695\n\tfor <parsemail@patchwork.libcamera.org>;\n\tSat,  3 Apr 2021 13:38:32 +0000 (UTC)","from lancelot.ideasonboard.com (localhost [IPv6:::1])\n\tby lancelot.ideasonboard.com (Postfix) with ESMTP id 9C8366877E;\n\tSat,  3 Apr 2021 15:38:32 +0200 (CEST)","from mail-ed1-x533.google.com (mail-ed1-x533.google.com\n\t[IPv6:2a00:1450:4864:20::533])\n\tby lancelot.ideasonboard.com (Postfix) with ESMTPS id 2C2C0602CF\n\tfor <libcamera-devel@lists.libcamera.org>;\n\tSat,  3 Apr 2021 15:38:31 +0200 (CEST)","by mail-ed1-x533.google.com with SMTP id b16so8021071eds.7\n\tfor <libcamera-devel@lists.libcamera.org>;\n\tSat, 03 Apr 2021 06:38:31 -0700 (PDT)"],"Authentication-Results":"lancelot.ideasonboard.com;\n\tdkim=fail reason=\"signature verification failed\" (1024-bit key;\n\tunprotected) header.d=chromium.org header.i=@chromium.org\n\theader.b=\"R7EEFQdG\"; dkim-atps=neutral","DKIM-Signature":"v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org;\n\ts=google; \n\th=mime-version:references:in-reply-to:from:date:message-id:subject:to\n\t:cc; bh=Q5ecaRhqXyMrb88/rOtGBhGRB7BUKn8RBZgh05x1Ink=;\n\tb=R7EEFQdGy3Lji+15iJu72tbk1ivulaqtC3TkhlYR1qaa5rKSCgVozjgJcsKWTQbpiR\n\t04EviQmRjttTedPNWsKVkiBLoSvmHq7H/EQQQDi2TbacK9OptCCb4HOHDZR4YNqoucrC\n\tMKYhz41VcBpMo7bksXtrfakyhwzDhuxgPAnCY=","X-Google-DKIM-Signature":"v=1; a=rsa-sha256; c=relaxed/relaxed;\n\td=1e100.net; s=20161025;\n\th=x-gm-message-state:mime-version:references:in-reply-to:from:date\n\t:message-id:subject:to:cc;\n\tbh=Q5ecaRhqXyMrb88/rOtGBhGRB7BUKn8RBZgh05x1Ink=;\n\tb=Asl2/3rO1PtBG6lD13akeKh8IM2dC9Zcp/nK5nZUHC1RgCqfcJumzIy/4gtB48608W\n\tBrGe19XfYYvcmCRtjwOXCYp8a2Zoh3Ox+HqBNcG7KlrKeeu+1R3hFzPUF1We9mc+lNWG\n\tDflxnd+973hQ2FHRtJwLD8bh1d7Vsi3VOYxtEvH37Y+uukqZJefNcfLdGDdZIypsF8Av\n\tWA9eAkXpCgYg+JWfvC3C7oKpwgTf8rJU9EM6Viftkqv3rkPw9bQbEgUZbVAZYQOcc+Ka\n\tXI529YRxOmAsdX+ReycnXSNzB1dOwiUhkLVcBzQ+7K0HSOZfBfw2IZho1jqPC+znFhz2\n\tN67g==","X-Gm-Message-State":"AOAM533jCBbaZBxX4jHUfLc6jilCOmAo2oz25+JJtUkAem4QaeNueqpi\n\tuoPh75uuzFrdcFWOzZ9C13BIKG0eB0R5KYyeSt0/hw==","X-Google-Smtp-Source":"ABdhPJz692RFOxK6zAawglMxn8RZtd3tllnoMlkisk1KiUVS3GE3cx0nBKcll3N7V5ommpaXxkaIeVosrJI92ZeyMTI=","X-Received":"by 2002:a05:6402:488:: with SMTP id\n\tk8mr20969336edv.233.1617457110912; \n\tSat, 03 Apr 2021 06:38:30 -0700 (PDT)","MIME-Version":"1.0","References":"<20210402024452.1308253-1-hiroh@chromium.org>\n\t<20210402024452.1308253-2-hiroh@chromium.org>\n\t<YGeuc8Zx/neqkETY@pendragon.ideasonboard.com>","In-Reply-To":"<YGeuc8Zx/neqkETY@pendragon.ideasonboard.com>","From":"Hirokazu Honda <hiroh@chromium.org>","Date":"Sat, 3 Apr 2021 22:38:19 +0900","Message-ID":"<CAO5uPHNLPiicXcs=WSxCHQy6YpoykE8_90y2bh04B0On0TKSaA@mail.gmail.com>","To":"Laurent Pinchart <laurent.pinchart@ideasonboard.com>","Subject":"Re: [libcamera-devel] [PATCH v3 2/2] android: CameraDevice: Add\n\tmore camera3_capture_request validation","X-BeenThere":"libcamera-devel@lists.libcamera.org","X-Mailman-Version":"2.1.29","Precedence":"list","List-Id":"<libcamera-devel.lists.libcamera.org>","List-Unsubscribe":"<https://lists.libcamera.org/options/libcamera-devel>,\n\t<mailto:libcamera-devel-request@lists.libcamera.org?subject=unsubscribe>","List-Archive":"<https://lists.libcamera.org/pipermail/libcamera-devel/>","List-Post":"<mailto:libcamera-devel@lists.libcamera.org>","List-Help":"<mailto:libcamera-devel-request@lists.libcamera.org?subject=help>","List-Subscribe":"<https://lists.libcamera.org/listinfo/libcamera-devel>,\n\t<mailto:libcamera-devel-request@lists.libcamera.org?subject=subscribe>","Cc":"libcamera devel <libcamera-devel@lists.libcamera.org>","Content-Type":"text/plain; charset=\"us-ascii\"","Content-Transfer-Encoding":"7bit","Errors-To":"libcamera-devel-bounces@lists.libcamera.org","Sender":"\"libcamera-devel\" <libcamera-devel-bounces@lists.libcamera.org>"}}]