Re: [PATCH v2] HID: usbhid: fix out-of-bounds bug

On Thu, 28 Sep 2017, Jaejoong Kim wrote: > The hid descriptor identifies the length and type of subordinate > descriptors for a device. If the received hid descriptor is smaller than > the size of the struct hid_descriptor, it is possible to cause > out-of-bounds. > > In addition, if

Re: [PATCH v2] HID: usbhid: fix out-of-bounds bug

On Tue, 10 Oct 2017, Jaejoong Kim wrote: > Hi, > > To. Jiri, Alan, > > Could you please review this patch? > > To. Andey, > > Could you please test with this patch for KASAN OOB error? > > Thanks, jaejoong > > 2017-09-28 19:16 GMT+09:00 Jaejoong Kim : > > The hid

Re: [PATCH v2] HID: usbhid: fix out-of-bounds bug

On Tue, Oct 10, 2017 at 9:25 AM, Jaejoong Kim wrote: > Hi, > > To. Jiri, Alan, > > Could you please review this patch? > > To. Andey, > > Could you please test with this patch for KASAN OOB error? Hi! Yes, your patch fixes the issue. Thanks! Tested-by: Andrey Konovalov

Re: [PATCH v2] HID: usbhid: fix out-of-bounds bug

Hi, To. Jiri, Alan, Could you please review this patch? To. Andey, Could you please test with this patch for KASAN OOB error? Thanks, jaejoong 2017-09-28 19:16 GMT+09:00 Jaejoong Kim : > The hid descriptor identifies the length and type of subordinate > descriptors for

[PATCH v2] HID: usbhid: fix out-of-bounds bug

The hid descriptor identifies the length and type of subordinate descriptors for a device. If the received hid descriptor is smaller than the size of the struct hid_descriptor, it is possible to cause out-of-bounds. In addition, if bNumDescriptors of the hid descriptor have an incorrect value,