Re: [PATCH] usb: usbfs: fix crash in check_ctrlrecip()->usb_find_alt_setting()

ice which happens to be unconfigured, > which is a perfectly valid thing to do. Therefore it shouldn't require > any special handling at the call site. > > Alan Stern Thank you for the explanation and a detailed response. Best regards, Vladis Dronov | Red Hat, Inc. | Product S

Re: [PATCH] usb: usbfs: fix crash in check_ctrlrecip()->usb_find_alt_setting()

d I would, again, to be aware when some code does something weird so we know about it. But this world is this world, it needs more performance to the throne of performance. I have no other arguments except the above, please, feel free to not to accept my patch. Best regards, Vladis Dronov | Red Hat, Inc. | Product Security Engineer

Re: [PATCH] usb: usbfs: fix crash in check_ctrlrecip()->usb_find_alt_setting()

Honestly, I would change "if (!config)" in usb_find_alt_setting() to "BUG_ON(!config)" so we know when its callers do smth wrong and go fix callers. Unfortunately, I understand this hardly will be accepted. Best regards, Vladis Dronov | Red Hat, Inc. | Product Security Engineer

[PATCH] usb: usbfs: fix crash in check_ctrlrecip()->usb_find_alt_setting()

ps->dev->actconfig can be NULL and cause NULL-deref in usb_find_alt_setting() before c9a4cb204e9e. fix this anyway by checking that ps->dev->actconfig is not NULL, so usb_find_alt_setting() is not called with a known-bad argument. Signed-off-by: Vladis Dronov Reporte

Re: general protection fault in usb_find_alt_setting

re fixed by the same commit "USB: handle NULL config in usb_find_alt_setting()". As I'm kinda a perfectionist, I would like to mark (bug id=4b88ff5aa6aa) as fixed by this commit and not closed as invalid. Best regards, Vladis Dronov | Red Hat, Inc. | Product Security Engineer

[PATCH] Input: ati_remote2: fix crashes on detecting device with invalid descriptor

disclosure: http://seclists.org/bugtraq/2016/Mar/90 Reported-by: Ralf Spenneberg Signed-off-by: Vladis Dronov --- please, note: usb_driver_claim_interface() patch (0b818e3956) is not sufficient to cover all cases when this can crash. drivers/input/misc/ati_remote2.c | 36

Re: [PATCH] Input: gtco: fix crash on detecting device without endpoints

Hat Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1283385 Best regards, Vladis Dronov | Red Hat, Inc. | Product Security Engineer -- To unsubscribe from this list: send the line "unsubscribe linux-usb" in the body of a message to majord...@vger.kernel.org More majordomo info at

[PATCH] Input: gtco: fix crash on detecting device without endpoints

can be found here: http://seclists.org/bugtraq/2016/Mar/86 Reported-by: Ralf Spenneberg Signed-off-by: Vladis Dronov --- drivers/input/tablet/gtco.c | 10 +- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/drivers/input/tablet/gtco.c b/drivers/input/tablet/gtco.c index