On Wed, 12 Mar 2025, Terry Junge wrote: > Update struct hid_descriptor to better reflect the mandatory and > optional parts of the HID Descriptor as per USB HID 1.11 specification. > Note: the kernel currently does not parse any optional HID class > descriptors, only the mandatory report descriptor. > > Update all references to member element desc[0] to rpt_desc. > > Add test to verify bLength and bNumDescriptors values are valid. > > Replace the for loop with direct access to the mandatory HID class > descriptor member for the report descriptor. This eliminates the > possibility of getting an out-of-bounds fault. > > Add a warning message if the HID descriptor contains any unsupported > optional HID class descriptors. > > Reported-by: [email protected] > Closes: https://syzkaller.appspot.com/bug?extid=c52569baf0c843f35495 > Fixes: f043bfc98c19 ("HID: usbhid: fix out-of-bounds bug") > Cc: [email protected] > Signed-off-by: Terry Junge <[email protected]>
Applied, thanks. -- Jiri Kosina SUSE Labs
