CVSROOT: /cvs
Module name: src
Changes by: an...@cvs.openbsd.org 2021/02/03 23:57:19
Modified files:
usr.bin/usbhidctl: usbhid.c
Log message:
Unconditionally allocate a buffer big enough to hold a struct
usb_ctl_report.
Limiting the size of the buffer to the size of the requested report can
cause the ioctl(USB_GET_REPORT) command to fail with EFAULT as the
kernel will always copy sizeof(struct usb_ctl_report) bytes from the
address passed from user space. That is when the given address +
sizeof(struct usb_ctl_report) crosses a page boundary and the adjacent
page is not mapped.
ok mglocker@
