2021-05-09 15:56:35

by José Expósito

Subject: [PATCH] HID: magicmouse: fix crash when disconnecting Magic Trackpad 2

When the Apple Magic Trackpad 2 is connected over USB it registers four
hid_device interfaces. However, the driver only handles the one with
type HID_TYPE_USBMOUSE and ignores the other three; thus, no driver
data is attached to them.

When the device is disconnected, the remove method is called for the
four hid_device interfaces, crashing when the driver data is NULL.

Check that the driver data is not NULL before using it on the remove
callback.

Signed-off-by: José Expósito <[email protected]>
---
linux/drivers/hid/hid-magicmouse.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/linux/drivers/hid/hid-magicmouse.c b/linux/drivers/hid/hid-magicmouse.c
index 2bb473d..097870e 100644
--- a/linux/drivers/hid/hid-magicmouse.c
+++ b/linux/drivers/hid/hid-magicmouse.c
@@ -779,7 +779,10 @@ err_stop_hw:
static void magicmouse_remove(struct hid_device *hdev)
{
struct magicmouse_sc *msc = hid_get_drvdata(hdev);
- cancel_delayed_work_sync(&msc->work);
+
+ if (msc)
+ cancel_delayed_work_sync(&msc->work);
+
hid_hw_stop(hdev);
}
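
Review bot: The file paths in the diff header (a/linux/drivers/hid/hid-magicmouse.c and b/linux/drivers/hid/hid-magicmouse.c) carry an extra linux/ component, so this will not apply with -p1 from the root of a kernel tree, where the file lives at drivers/hid/hid-magicmouse.c. Please regenerate the patch from the top of the kernel tree. On the change itself, a one-line comment above the new if (msc) saying that interfaces ignored at probe time have no driver data would keep the check from looking redundant to a later reader.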

--
2.25.1


2021-05-10 06:24:47

by José Expósito

Subject: [PATCH v2] HID: magicmouse: fix crash when disconnecting Magic Trackpad 2

When the Apple Magic Trackpad 2 is connected over USB it registers four
hid_device report descriptors. However, the driver only handles the one
with type HID_TYPE_USBMOUSE and ignores the other three; thus, no driver
data is attached to them.

When the device is disconnected, the remove callback is called for the
four hid_device report descriptors, crashing when the driver data is
NULL.

Check that the driver data is not NULL before using it in the remove
callback.

Signed-off-by: José Expósito <[email protected]>
---
drivers/hid/hid-magicmouse.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/drivers/hid/hid-magicmouse.c b/drivers/hid/hid-magicmouse.c
index 2bb473d8c424..097870e43cfe 100644
--- a/drivers/hid/hid-magicmouse.c
+++ b/drivers/hid/hid-magicmouse.c
@@ -779,7 +779,10 @@ static int magicmouse_probe(struct hid_device *hdev,
static void magicmouse_remove(struct hid_device *hdev)
{
struct magicmouse_sc *msc = hid_get_drvdata(hdev);
- cancel_delayed_work_sync(&msc->work);
+
+ if (msc)
+ cancel_delayed_work_sync(&msc->work);
+
hid_hw_stop(hdev);
}
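
Review bot: hid_hw_stop(hdev) still runs unconditionally after the new if (msc) guard in magicmouse_remove(), including for the three interfaces the commit message says the driver ignores. The hunk does not show whether the hardware was ever started for those interfaces, so please confirm that stopping them is valid, or return early when msc is NULL and say which in the commit message. Guarding only cancel_delayed_work_sync(&msc->work) removes the NULL dereference, but it leaves remove running for devices that probe accepted without setting them up; it is worth stating why probe accepts those interfaces rather than rejecting them, since that is what makes a NULL msc reachable here.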

--
2.25.1

2021-05-26 10:46:53

by Jiri Kosina

Subject: Re: [PATCH v2] HID: magicmouse: fix crash when disconnecting Magic Trackpad 2

On Mon, 10 May 2021, José Expósito wrote:

> When the Apple Magic Trackpad 2 is connected over USB it registers four
> hid_device report descriptors. However, the driver only handles the one
> with type HID_TYPE_USBMOUSE and ignores the other three; thus, no driver
> data is attached to them.
>
> When the device is disconnected, the remove callback is called for the
> four hid_device report descriptors, crashing when the driver data is
> NULL.
>
> Check that the driver data is not NULL before using it in the remove
> callback.

Applied, thank you.

--
Jiri Kosina
SUSE Labs