On Thu, Dec 13, 2018 at 10:37:06PM +0000, Michael Hanselmann wrote: > The filename length in MTP metadata is specified by the guest. By > trusting it directly it'd theoretically be possible to get the host to > write memory parts outside the filename buffer into a filename. In > practice though there are usually NUL bytes stopping the string > operations. > > Also use the opportunity to not assign the filename member twice.
Added to usb patch queue. thanks, Gerd