cdc-acm: fix NULL pointer reference (rhbz 1316719)
This commit is contained in:
Laura Abbott
parent
51f51bfbf9
commit
a0db662f75
|
|
@ -0,0 +1,46 @@
|
|||
From 29c6dd591bbd592472247441de9fa694acdabae8 Mon Sep 17 00:00:00 2001
|
||||
From: Oliver Neukum <oneukum@suse.com>
|
||||
Date: Thu, 7 Jan 2016 11:01:00 +0100
|
||||
Subject: [PATCH] cdc-acm: fix NULL pointer reference
|
||||
|
||||
The union descriptor must be checked. Its usage was conditional
|
||||
before the parser was introduced. This is important, because
|
||||
many RNDIS device, which also use the common parser, have
|
||||
bogus extra descriptors.
|
||||
|
||||
Signed-off-by: Oliver Neukum <oneukum@suse.com>
|
||||
Tested-by: Vasily Galkin <galkin-vv@yandex.ru>
|
||||
Signed-off-by: David S. Miller <davem@davemloft.net>
|
||||
---
|
||||
drivers/net/usb/cdc_ether.c | 8 +++++++-
|
||||
1 file changed, 7 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/drivers/net/usb/cdc_ether.c b/drivers/net/usb/cdc_ether.c
|
||||
index 3da70bf..7cba2c3 100644
|
||||
--- a/drivers/net/usb/cdc_ether.c
|
||||
+++ b/drivers/net/usb/cdc_ether.c
|
||||
@@ -160,6 +160,12 @@ int usbnet_generic_cdc_bind(struct usbnet *dev, struct usb_interface *intf)
|
||||
info->u = header.usb_cdc_union_desc;
|
||||
info->header = header.usb_cdc_header_desc;
|
||||
info->ether = header.usb_cdc_ether_desc;
|
||||
+ if (!info->u) {
|
||||
+ if (rndis)
|
||||
+ goto skip;
|
||||
+ else /* in that case a quirk is mandatory */
|
||||
+ goto bad_desc;
|
||||
+ }
|
||||
/* we need a master/control interface (what we're
|
||||
* probed with) and a slave/data interface; union
|
||||
* descriptors sort this all out.
|
||||
@@ -256,7 +262,7 @@ skip:
|
||||
goto bad_desc;
|
||||
}
|
||||
|
||||
- } else if (!info->header || !info->u || (!rndis && !info->ether)) {
|
||||
+ } else if (!info->header || (!rndis && !info->ether)) {
|
||||
dev_dbg(&intf->dev, "missing cdc %s%s%sdescriptor\n",
|
||||
info->header ? "" : "header ",
|
||||
info->u ? "" : "union ",
|
||||
--
|
||||
2.5.0
|
||||
|
||||
|
|
@ -622,6 +622,9 @@ Patch660: 0001-drm-i915-Pretend-cursor-is-always-on-for-ILK-style-W.patch
|
|||
#Fix for known arm64 breakage. No bugzilla becuase proactivity \o/
|
||||
Patch661: 0001-arm64-account-for-sparsemem-section-alignment-when-c.patch
|
||||
|
||||
#rhbz 1316719
|
||||
Patch662: 0001-cdc-acm-fix-NULL-pointer-reference.patch
|
||||
|
||||
# END OF PATCH DEFINITIONS
|
||||
%endif
|
||||
|
||||
|
|
@ -2065,6 +2068,9 @@ fi
|
|||
#
|
||||
#
|
||||
%changelog
|
||||
* Thu Mar 10 2016 Laura Abbott <labbott@redhat.com>
|
||||
- cdc-acm: fix NULL pointer reference (rhbz 1316719)
|
||||
|
||||
* Wed Mar 09 2016 Laura Abbott <labbott@redhat.com> - 4.4.5-300
|
||||
- Linux v4.4.5
|
||||
- Fix for known arm64 bootup issue
|
||||
|
|
|
|||
Loading…
Reference in New Issue