[PATCH 4.9 004/164] watchdog: pcwd_usb: fix NULL-deref at probe

Greg Kroah-Hartman Tue, 23 May 2017 14:51:46 -0700

4.9-stable review patch.  If anyone has any objections, please let me know.


------------------

From: Johan Hovold <jo...@kernel.org>

commit 46c319b848268dab3f0e7c4a5b6e9146d3bca8a4 upstream.

Make sure to check the number of endpoints to avoid dereferencing a
NULL-pointer should a malicious device lack endpoints.

Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
Signed-off-by: Johan Hovold <jo...@kernel.org>
Reviewed-by: Guenter Roeck <li...@roeck-us.net>
Signed-off-by: Guenter Roeck <li...@roeck-us.net>
Signed-off-by: Wim Van Sebroeck <w...@iguana.be>
Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>

---
 drivers/watchdog/pcwd_usb.c |    3 +++
 1 file changed, 3 insertions(+)

--- a/drivers/watchdog/pcwd_usb.c
+++ b/drivers/watchdog/pcwd_usb.c
@@ -630,6 +630,9 @@ static int usb_pcwd_probe(struct usb_int
                return -ENODEV;
        }
 
+       if (iface_desc->desc.bNumEndpoints < 1)
+               return -ENODEV;
+
        /* check out the endpoint: it has to be Interrupt & IN */
        endpoint = &iface_desc->endpoint[0].desc;

[PATCH 4.9 004/164] watchdog: pcwd_usb: fix NULL-deref at probe

Reply via email to