mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-09-15 23:25:07 +00:00
Code Issues Releases Wiki Activity
linux-stable/drivers/usb/misc
History
Dongliang Mu bce2b05399 usb: idmouse: fix an uninit-value in idmouse_open 
In idmouse_create_image, if any ftip_command fails, it will
go to the reset label. However, this leads to the data in
bulk_in_buffer[HEADER..IMGSIZE] uninitialized. And the check
for valid image incurs an uninitialized dereference.

Fix this by moving the check before reset label since this
check only be valid if the data after bulk_in_buffer[HEADER]
has concrete data.

Note that this is found by KMSAN, so only kernel compilation
is tested.

Reported-by: syzbot+79832d33eb89fb3cd092@syzkaller.appspotmail.com
Signed-off-by: Dongliang Mu <mudongliangabcd@gmail.com>
Link: https://lore.kernel.org/r/20220922134847.1101921-1-dzm91@hust.edu.cn
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2022-09-27 10:37:09 +02:00
..
sisusbvga tty/vt: consolemap: rename struct vc_data::vc_uni_pagedir* 2022-06-27 14:17:12 +02:00
adutux.c usb: misc: adutux: use swap() 2021-08-05 12:31:34 +02:00
apple-mfi-fastcharge.c
appledisplay.c
brcmstb-usb-pinmap.c usb: misc: brcmstb-usb-pinmap: add IRQ check 2021-08-13 13:05:50 +02:00
chaoskey.c
cypress_cy7c63.c
cytherm.c
ehset.c usb: misc: ehset: Rework test mode entry 2021-12-17 17:02:04 +01:00
emi26.c
emi62.c
ezusb.c usb: misc: ezusb: update to use usb_control_msg_send() 2021-03-28 13:41:27 +02:00
ftdi-elan.c usb: remove third argument of usb_maxpacket() 2022-04-23 10:33:53 +02:00
idmouse.c usb: idmouse: fix an uninit-value in idmouse_open 2022-09-27 10:37:09 +02:00
iowarrior.c USB: iowarrior: fix control-message timeouts 2021-10-26 19:12:28 +02:00
isight_firmware.c
Kconfig usb: misc: Add onboard_usb_hub driver 2022-07-08 14:53:50 +02:00
ldusb.c usb: ldusb: replace ternary operator with max_t() 2022-07-14 16:09:56 +02:00
legousbtower.c
lvstest.c usb: remove third argument of usb_maxpacket() 2022-04-23 10:33:53 +02:00
Makefile usb: misc: Add onboard_usb_hub driver 2022-07-08 14:53:50 +02:00
onboard_usb_hub.c usb: misc: onboard_usb_hub: Drop reset delay in onboard_hub_power_off() 2022-08-18 21:10:59 +02:00
onboard_usb_hub.h usb: misc: onboard_usb_hub: Add TI USB8041 hub support 2022-07-27 16:26:20 +02:00
onboard_usb_hub_pdevs.c usb: misc: onboard_hub: Fix 'missing prototype' warning 2022-07-14 16:09:32 +02:00
qcom_eud.c usb: misc: eud: Fix an error handling path in eud_probe() 2022-04-21 19:24:10 +02:00
trancevibrator.c USB: trancevibrator: fix control-request direction 2021-05-21 20:10:43 +02:00
usb251xb.c usb: usb251xb: Switch to use dev_err_probe() helper 2022-09-27 10:35:39 +02:00
usb3503.c usb: misc: usb3503: call clk_disable_unprepare in the error handling 2022-09-09 09:30:20 +02:00
usb4604.c
usb_u132.h
usblcd.c
usbsevseg.c USB: usbsevseg: convert sysfs snprintf to sysfs_emit 2022-07-27 14:48:14 +02:00
usbtest.c usb/misc: fix repeated words in comments 2022-07-27 14:33:57 +02:00
uss720.c usb: misc: uss720: fix uninitialized variable rlen 2022-09-07 16:23:48 +02:00
yurex.c USB: yurex: fix control-URB timeout handling 2020-12-28 15:47:06 +01:00