Fix a general protection fault when accessing the endpoint descriptors
which could be triggered by a malicious device due to missing sanity
checks on the number of endpoints.
Reported-by: [email protected]
Fixes: 07dc1f9f2f80 ("[PATCH] isdn4linux: Siemens Gigaset drivers - M105 USB DECT adapter")
Cc: stable <[email protected]> # 2.6.17
Cc: Hansjoerg Lipp <[email protected]>
Cc: Tilman Schmidt <[email protected]>
Signed-off-by: Johan Hovold <[email protected]>
---
drivers/staging/isdn/gigaset/usb-gigaset.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/drivers/staging/isdn/gigaset/usb-gigaset.c b/drivers/staging/isdn/gigaset/usb-gigaset.c
index 1b9b43659bdf..5e393e7dde45 100644
--- a/drivers/staging/isdn/gigaset/usb-gigaset.c
+++ b/drivers/staging/isdn/gigaset/usb-gigaset.c
@@ -685,6 +685,11 @@ static int gigaset_probe(struct usb_interface *interface,
return -ENODEV;
}
+ if (hostif->desc.bNumEndpoints < 2) {
+ dev_err(&interface->dev, "missing endpoints\n");
+ return -ENODEV;
+ }
+
dev_info(&udev->dev, "%s: Device matched ... !\n", __func__);
/* allocate memory for our device state and initialize it */
--
2.24.0
Hi Johan,
this is probably caused by the move of the driver to staging in
kernel release 5.3 half a year ago. If you want your patches to
apply to pre-5.3 stable releases you'll have to submit a version
with the paths changed from drivers/staging/isdn/gigaset to
drivers/isdn/gigaset.
HTH
Tilman
Am 01.12.2019 um 01:15 schrieb Sasha Levin:
> Hi,
>
> [This is an automated email]
>
> This commit has been processed because it contains a "Fixes:" tag,
> fixing commit: 07dc1f9f2f80 ("[PATCH] isdn4linux: Siemens Gigaset drivers - M105 USB DECT adapter").
>
> The bot has tested the following trees: v5.4.1, v5.3.14, v4.19.86, v4.14.156, v4.9.205, v4.4.205.
>
> v5.4.1: Build OK!
> v5.3.14: Build OK!
> v4.19.86: Failed to apply! Possible dependencies:
> Unable to calculate
>
> v4.14.156: Failed to apply! Possible dependencies:
> Unable to calculate
>
> v4.9.205: Failed to apply! Possible dependencies:
> Unable to calculate
>
> v4.4.205: Failed to apply! Possible dependencies:
> Unable to calculate
>
>
> NOTE: The patch will not be queued to stable trees until it is upstream.
>
> How should we proceed with this patch?
>
On Sun, Dec 01, 2019 at 01:30:42PM +0100, Tilman Schmidt wrote:
> Hi Johan,
>
> this is probably caused by the move of the driver to staging in
> kernel release 5.3 half a year ago. If you want your patches to
> apply to pre-5.3 stable releases you'll have to submit a version
> with the paths changed from drivers/staging/isdn/gigaset to
> drivers/isdn/gigaset.
That's trivial for me to do when they get added to the stable tree(s),
no need to worry about it.
thanks,
greg k-h
On Sun, Dec 01, 2019 at 01:41:56PM +0100, Greg Kroah-Hartman wrote:
> On Sun, Dec 01, 2019 at 01:30:42PM +0100, Tilman Schmidt wrote:
> > Hi Johan,
> >
> > this is probably caused by the move of the driver to staging in
> > kernel release 5.3 half a year ago. If you want your patches to
> > apply to pre-5.3 stable releases you'll have to submit a version
> > with the paths changed from drivers/staging/isdn/gigaset to
> > drivers/isdn/gigaset.
>
> That's trivial for me to do when they get added to the stable tree(s),
> no need to worry about it.
I'll be sending a v2 of this series shortly. Somehow I managed to
overlook usb_endpoint_is_bulk_in() and friends so patch 4/4 should no
longer be needed either.
Johan