• Johan Hovold's avatar
    USB: uss720: fix NULL-deref at probe · f259ca3e
    Johan Hovold authored
    Make sure to check the number of endpoints to avoid dereferencing a
    NULL-pointer or accessing memory beyond the endpoint array should a
    malicious device lack the expected endpoints.
    
    Note that the endpoint access that causes the NULL-deref is currently
    only used for debugging purposes during probe so the oops only happens
    when dynamic debugging is enabled. This means the driver could be
    rewritten to continue to accept device with only two endpoints, should
    such devices exist.
    
    Fixes: 1da177e4 ("Linux-2.6.12-rc2")
    Cc: stable <stable@vger.kernel.org>
    Signed-off-by: default avatarJohan Hovold <johan@kernel.org>
    Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
    f259ca3e
uss720.c 22.4 KB