Re: [PATCH] usb_driver_claim_interface: add sanity checking

2016-03-19 Thread Alan Stern
On Wed, 16 Mar 2016, Oliver Neukum wrote:
> Attacks that trick drivers into passing a NULL pointer
> to usb_driver_claim_interface() using forged descriptors are
> known. This thwarts them by sanity checking.

I'm curious -- how do these attacks carry out their trickery?

Alan Stern

-- To

Re: [PATCH] usb_driver_claim_interface: add sanity checking

2016-03-19 Thread Alan Stern
On Wed, 16 Mar 2016, Oliver Neukum wrote:
> On Wed, 2016-03-16 at 10:08 -0400, Alan Stern wrote:
> > On Wed, 16 Mar 2016, Oliver Neukum wrote:
> >
> > > Attacks that trick drivers into passing a NULL pointer
> > > to usb_driver_claim_interface() using forged descriptors are
> > > known. This

Re: [PATCH] usb_driver_claim_interface: add sanity checking

2016-03-19 Thread Oliver Neukum
On Wed, 2016-03-16 at 10:08 -0400, Alan Stern wrote:
> On Wed, 16 Mar 2016, Oliver Neukum wrote:
>
> > Attacks that trick drivers into passing a NULL pointer
> > to usb_driver_claim_interface() using forged descriptors are
> > known. This thwarts them by sanity checking.
>
> I'm curious -- how

Re: [PATCH] usb_driver_claim_interface: add sanity checking

2016-03-19 Thread Oliver Neukum
On Thu, 2016-03-17 at 12:44 +0100, Oliver Neukum wrote:
> On Wed, 2016-03-16 at 10:41 -0400, Alan Stern wrote:
>
> > While adding your check to usb_driver_claim_interface() is a reasonable
> > thing to do, it might not solve all the problems. A driver might still
> > try to use the invalid

[PATCH] usb_driver_claim_interface: add sanity checking

2016-03-18 Thread Oliver Neukum
Attacks that trick drivers into passing a NULL pointer
to usb_driver_claim_interface() using forged descriptors are
known. This thwarts them by sanity checking.

Signed-off-by: Oliver Neukum
CC: sta...@vger.kernel.org
---
 drivers/usb/core/driver.c | 6 +-
 1 file changed, 5

Re: [PATCH] usb_driver_claim_interface: add sanity checking

2016-03-18 Thread Oliver Neukum
On Wed, 2016-03-16 at 10:41 -0400, Alan Stern wrote:
> While adding your check to usb_driver_claim_interface() is a reasonable
> thing to do, it might not solve all the problems. A driver might still
> try to use the invalid interface pointer (perhaps when writing out an
> error message). It