Make sure to check the number of endpoints to avoid dereferencing a
NULL-pointer should a malicious device lack endpoints.
Fixes: aca951a22a1d ("[PATCH] input-driver-yealink-P1K-usb-phone")
Cc: stable <[email protected]> # 2.6.14
Cc: Henk <[email protected]>
Signed-off-by: Johan Hovold <[email protected]>
---
drivers/input/misc/yealink.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/drivers/input/misc/yealink.c b/drivers/input/misc/yealink.c
index 79c964c075f1..6e7ff9561d92 100644
--- a/drivers/input/misc/yealink.c
+++ b/drivers/input/misc/yealink.c
@@ -875,6 +875,10 @@ static int usb_probe(struct usb_interface *intf, const
struct usb_device_id *id)
int ret, pipe, i;
interface = intf->cur_altsetting;
+
+ if (interface->desc.bNumEndpoints < 1)
+ return -ENODEV;
+
endpoint = &interface->endpoint[0].desc;
if (!usb_endpoint_is_int_in(endpoint))
return -ENODEV;
--
2.12.0
