This patch will avoid a NULL-pointer dereference OOPS which is caused by oddly-formed (yet legal) INQUIRY commands that request 0 bytes.
Greg, please apply.
Matt
P.S. This patch was made against your 2.5-bk tree, which seems to have now
vanished. Is that gone forever?
# This is a BitKeeper generated patch for the following project:
# Project Name: greg k-h's linux 2.5 USB kernel tree
# This patch format is intended for GNU patch command version 2.5 or higher.
# This patch includes the following deltas:
# ChangeSet 1.1965 -> 1.1966
# drivers/usb/storage/protocol.c 1.12 -> 1.13
#
# The following is the BitKeeper ChangeSet Log
# --------------------------------------------
# 03/06/16 [EMAIL PROTECTED] 1.1966
# Avoid NULL-pointer reference during fixup of INQUIRY version for
# oddly-constructed (but legal) INQUIRY commands.
# --------------------------------------------
#
diff -Nru a/drivers/usb/storage/protocol.c b/drivers/usb/storage/protocol.c
--- a/drivers/usb/storage/protocol.c Mon Jun 16 17:19:34 2003
+++ b/drivers/usb/storage/protocol.c Mon Jun 16 17:19:34 2003
@@ -82,6 +82,10 @@
if (srb->cmnd[0] != INQUIRY)
return;
+ /* oddly short buffer -- bail out */
+ if (srb->request_bufflen < 3)
+ return;
+
data_ptr = find_data_location(srb);
if ((data_ptr[2] & 7) == 2)
--
Matthew Dharm Home: [EMAIL PROTECTED]
Maintainer, Linux USB Mass Storage Driver
What the hell are you?
-- Pitr to Dust Puppy
User Friendly, 12/3/1997
pgp00000.pgp
Description: PGP signature
