From: Hans de Goede <hdego...@redhat.com>
If an endpoint is not in the usb descriptor we've no idea what kind of
endpoint it is and thus how to handle it, refuse packages in this case.
Signed-off-by: Hans de Goede <hdego...@redhat.com>
Signed-off-by: Gerd Hoffmann <kra...@redhat.com>
---
usb-linux.c | 13 +++++++++++++
1 files changed, 13 insertions(+), 0 deletions(-)
diff --git a/usb-linux.c b/usb-linux.c
index a68603d..6aef7a5 100644
--- a/usb-linux.c
+++ b/usb-linux.c
@@ -94,6 +94,7 @@ static int usb_fs_type;
/* endpoint association data */
#define ISO_FRAME_DESC_PER_URB 32
#define ISO_URB_COUNT 3
+#define INVALID_EP_TYPE 255
typedef struct AsyncURB AsyncURB;
@@ -168,6 +169,11 @@ static int is_isoc(USBHostDevice *s, int ep)
return s->endp_table[ep - 1].type == USBDEVFS_URB_TYPE_ISO;
}
+static int is_valid(USBHostDevice *s, int ep)
+{
+ return s->endp_table[ep - 1].type != INVALID_EP_TYPE;
+}
+
static int is_halted(USBHostDevice *s, int ep)
{
return s->endp_table[ep - 1].halted;
@@ -611,6 +617,10 @@ static int usb_host_handle_data(USBHostDevice *s,
USBPacket *p)
int ret;
uint8_t ep;
+ if (!is_valid(s, p->devep)) {
+ return USB_RET_NAK;
+ }
+
if (p->pid == USB_TOKEN_IN) {
ep = p->devep | 0x80;
} else {
@@ -1071,6 +1081,9 @@ static int usb_linux_update_endp_table(USBHostDevice *s)
uint8_t devep, type, configuration, alt_interface;
int interface, length, i;
+ for (i = 0; i < MAX_ENDPOINTS; i++)
+ s->endp_table[i].type = INVALID_EP_TYPE;
+
i = usb_linux_get_configuration(s);
if (i < 0)
return 1;
--
1.7.1
