The existing USB configuration parsing code relies on the descriptors'
own length values when reading through the configuration blob. Since the
size of those descriptors is always well-defined, we should rather use
the known sizes instead of trusting device-provided values to be
correct. Also adds
Hi Julius,
On Wed, 17 Jul 2013 17:55:19 -0700, Julius Werner
wrote:
> The existing USB configuration parsing code relies on the descriptors'
> own length values when reading through the configuration blob. Since the
> size of those descriptors is always well-defined, we should rather use
> the k
> From a security / robustness standpoint,
>
> - if the descriptor length field is found to be abnormal, then the code
> should not process the packet at all. Here it seems it only warns
> then goes on to use the descriptor.
Weren't you the guy who was so worried about poor Chinese devices who
Dear Julius Werner,
> > From a security / robustness standpoint,
> >
> > - if the descriptor length field is found to be abnormal, then the code
> >
> > should not process the packet at all. Here it seems it only warns
> > then goes on to use the descriptor.
>
> Weren't you the guy who was
Dear Julius Werner,
> The existing USB configuration parsing code relies on the descriptors'
> own length values when reading through the configuration blob. Since the
> size of those descriptors is always well-defined, we should rather use
> the known sizes instead of trusting device-provided val
> Mulling over this some more, I suspect if the device does have incorrect
> config
> descriptor, we should just ignore the device because it's broken piece of
> junk.
I can change it if you insist, but I'd like to keep it to make the
code look more consistent (since later on with the interface/
Dear Julius Werner,
> > Mulling over this some more, I suspect if the device does have incorrect
> > config descriptor, we should just ignore the device because it's broken
> > piece of junk.
>
> I can change it if you insist, but I'd like to keep it to make the
> code look more consistent (since
> How would that make the code more consistent ? It seems if the device can not
> even provide valid config ep descriptor, the device is broken beyond
> salvation.
Okay, sure, it's not important enough to argue about. Will resubmit it this way.
>> The sizeof() thing is true for the configuration
Hi Julius,
> > How would that make the code more consistent ? It seems if the device can
> > not even provide valid config ep descriptor, the device is broken beyond
> > salvation.
>
> Okay, sure, it's not important enough to argue about. Will resubmit it this
> way.
>
> >> The sizeof() thing is
9 matches
Mail list logo
