Commit 2ad9d544 authored by Oliver Neukum's avatar Oliver Neukum Committed by Greg Kroah-Hartman

cdc-acm: hardening against malicious devices

This should fix the last holes against malicious devices
still open in cdc-acm. It cannot go into stable due to
the introduction of the common parser.
The fix for stable already merged also covers the problems this patch
fixes.
Signed-off-by: default avatarOliver Neukum <oneukum@suse.com>
Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
parent 3a383cc0
...@@ -1179,6 +1179,9 @@ static int acm_probe(struct usb_interface *intf, ...@@ -1179,6 +1179,9 @@ static int acm_probe(struct usb_interface *intf,
return -EINVAL; return -EINVAL;
} }
if (!intf->cur_altsetting)
return -EINVAL;
if (!buflen) { if (!buflen) {
if (intf->cur_altsetting->endpoint && if (intf->cur_altsetting->endpoint &&
intf->cur_altsetting->endpoint->extralen && intf->cur_altsetting->endpoint->extralen &&
...@@ -1232,6 +1235,8 @@ static int acm_probe(struct usb_interface *intf, ...@@ -1232,6 +1235,8 @@ static int acm_probe(struct usb_interface *intf,
dev_dbg(&intf->dev, "no interfaces\n"); dev_dbg(&intf->dev, "no interfaces\n");
return -ENODEV; return -ENODEV;
} }
if (!data_interface->cur_altsetting || !control_interface->cur_altsetting)
return -ENODEV;
if (data_intf_num != call_intf_num) if (data_intf_num != call_intf_num)
dev_dbg(&intf->dev, "Separate call control interface. That is not fully supported.\n"); dev_dbg(&intf->dev, "Separate call control interface. That is not fully supported.\n");
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment