Received: by 10.213.65.68 with SMTP id h4csp971467imn; Fri, 6 Apr 2018 12:08:00 -0700 (PDT) X-Google-Smtp-Source: AIpwx48ixNguZ7NaKgjoZYz4XzsR5SL0VlMqNHoP+Wjapt4v9E0npUUu8LqBvbmvplR3XVO4mTCZ X-Received: by 10.99.174.6 with SMTP id q6mr18595749pgf.179.1523041679998; Fri, 06 Apr 2018 12:07:59 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1523041679; cv=none; d=google.com; s=arc-20160816; b=0igB8U3iQPwEspRI3nvj9tiL4X3byq9KUNbVoj/fe8PkZrwHm1DTf0OnrA8TRAkY4V 2H3a2+xm/ugc/zvj58Vff1DtxqpDpJgp3GnsUjIdbWQCUAZ9u55IBNByuKNrvSdftjKA aJV40FL7/jwlGncILF78uPL4V4xMV/9rd2Ai/fuo/ftArYhe1QG+96Ws0BZ3nZ/mooWW PJFoywyrin/2LxF6XVhgSR1Mc2y7XGwTIR5j2FC1anADD0vgD9FqB+8MXgx5hoWGINU2 nd4/mvIomLHta1pZOI7XKOlMYBd03LdmZcddtq+Qzx6VbmSEH7NvCt6mFcN2SXPXRnQ/ 2YqA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:autocrypt:openpgp:from:references:cc:to:subject :arc-authentication-results; bh=wSfCN30MFDnKvCUDN+2xqYQUAsZeDaidPdU6m4qhsRs=; b=BrpLPOsdd85pl4zFCfabAFzqXBaMaKH1BFgbKY9pUr8HXy0pnaGHm28vKDtJZwHl8N VBmI5zVO2iimI0BMzKcdsaEmX47u8QwrnBJVntsEyjLBV/l6GDrtTDMD+X1Jjv7U9IQo QlHixi2L1c/c1xnw2bSOYMWTdfSGO5Xtd1Bqj3bbdlEmjac+w8ONPRFASf3/lcbhldbo NQV4SsRdfOA8avlSdDkUiYkiE7BWQ7TzC7Jf4AAsUM0vMee3RLV4CKtBOeOwKRqmhM5Q vFRnMjBepQyLlMqlm4O/Gpd0z+6T9svV3irwW+fvck2V3PlC8AspiF/TN9rViSqn2tCH oazA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=samsung.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id b3-v6si9251364pld.2.2018.04.06.12.07.23; Fri, 06 Apr 2018 12:07:59 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=samsung.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751623AbeDFTBD (ORCPT + 99 others); Fri, 6 Apr 2018 15:01:03 -0400 Received: from osg.samsung.com ([64.30.133.232]:52976 "EHLO osg.samsung.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750807AbeDFTBB (ORCPT ); Fri, 6 Apr 2018 15:01:01 -0400 Received: from localhost (localhost [127.0.0.1]) by osg.samsung.com (Postfix) with ESMTP id 5287033A15; Fri, 6 Apr 2018 12:01:00 -0700 (PDT) X-Virus-Scanned: Debian amavisd-new at dev.s-opensource.com Received: from osg.samsung.com ([127.0.0.1]) by localhost (localhost [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id n7dEFVMU3kVu; Fri, 6 Apr 2018 12:00:59 -0700 (PDT) Received: from [192.168.1.87] (c-24-9-64-241.hsd1.co.comcast.net [24.9.64.241]) by osg.samsung.com (Postfix) with ESMTPSA id D1F5733A0A; Fri, 6 Apr 2018 12:00:58 -0700 (PDT) Subject: Re: [PATCH] usbip: vhci_hcd: check rhport before using in vhci_hub_control() To: Sergei Shtylyov , valentina.manea.m@gmail.com, shuah@kernel.org, gregkh@linuxfoundation.org Cc: linux-usb@vger.kernel.org, linux-kernel@vger.kernel.org, Shuah Khan References: <20180405223149.24643-1-shuahkh@osg.samsung.com> <2bbe1e03-82e6-49c4-ca5b-30ada36a6e5a@cogentembedded.com> From: Shuah Khan Openpgp: preference=signencrypt Autocrypt: addr=shuahkh@osg.samsung.com; prefer-encrypt=mutual; keydata= xsFNBFIzbI0BEADtNDUjCT2vg2pVl9+XAwjq43AnDpggRIWjq8c82lcGgt9WYeQ2ezoGHADx 9XS5dP8OUdf2e1j2GtxOA9DpuAE6KNp9q4n2WHl9Q6Y06JwaXcMKlqH1WzAu8QWDou8KC8UL k+Ma/80uqlwQDmy+SDuLSLSPXP03P3NfKII8vAdREVTDfDzle+IKXDgYB8E5On1533QNVXdH rWQOU/SggOF8pGklv/a8VMR6KUYbkkkFy9wGLSLeBUx6ZfRkZSYBcAinwHLqWyDGB1993l1K y/FArlfEYLjKZ9od9ZGmnA3Ww9EMqpUUTP9b7a/sNuBhmsk5WVwMhMEtCxtIxHj0PVX8+m2R mj7mvdBukwsBOfu4ef0tK8CJHUNOXpWwNEl8LY1S+yJS/AZuwvzjpmfNQCzdixGG48oAeb11 9YKDCAUP0gjI44jZOiWb38jUn1SGqphW4i2jSiDi9R82mCtrcEXFHUuom2aRGyXEVdL9cEor 9/e4uaLDDZPGI4QqlbH6VoJkLzNFTAZnCKW9UsPXonQ7lP9hzH4+3sekYDkpmm2FcIXfVBRC XQPri2YuJtk/tgjuTC/5Y+b1itiI/xuKj7YmTYwFICUjYF9ehNe/6giG7zYZPIp2cr+oKwW5 OTo49wqTdUVm84gULn90p2YQlXnbcw81l+K09AvGj5BntvmjDQARAQABzSFTaHVhaCBLaGFu IDxzaHVhaEBnb25laGlraW5nLm9yZz7CwXoEEwECACQCGwMCHgECF4AFCwkIBwMFFQoJCAsF FgIDAQAFAlIzc34CGQEACgkQCwJExA0NQxyAmhAAiIg5u11jeZtK2T1cGqITPyrzMg+Mu5WB /8xKvbc8wYuStJ6mn84zedBzAjjpCUpdZBfGKGV4Piyj6RyVtPOUe1aze7xNl6jq2XodyHpz yCBpVozvQGlWdSO34vTA+iwmbQat4DDHoIjvuGf2gqMzSNXiP6KG0erKOP0l5wBGOgjRtJAn 6LSrxC/q7M0OKdSxOQpLd9JHc9MPhjRiEHJGxRTYwb93kzJVZTYVIi5ns709/VvR9dA2kcJx mE7AxFduFYEkndF1eS15YRHzPUgH6qlcmpd+BqFDd9Xr4qlEygcOKbUktAbi0iqGJZQiAm7k Bc1C/WLVmf6w1Hmd5kc+9JU4nYN3LzsvUHVkzY+XqaTkYYIlziRec40XvIDE6J55ByJYTO94 iBswwY7IwcxL1qUWrBDvJC8jJFtZw+hcuCZr8cwH9UpFRPejZ2iuXycLagtYAe6ppor8uepj FB3yJjrFwwe5XSxjAQyBRvGpzLjZTvSGfsJ6WUwE+7/my9Ab+wnDhebxEbyCuGoIQsNaA5qh JHL5xXEw0yVrYSiuBTuOVyTwZvyisvOWAnehIlVok+Oq372vjXitfAr43doeyKoQJkpKdcgD wMfU2Sxbiqvfqid/9g+GaySvA9jnkO11INvUqQAnFwQ8QjmzRCMRVK3/ZP4lQ8d4rkks+Rsy 7HvOwU0EUjNzxQEQALrsbTCFLIY0/JmCNZ4Wdy6iWdAYjLBqKVxLQ9hBD+y8cQ/tF183XfP/ oVQrRHiJXJHFN94KjL05g9ww4HHoqSq66f8nYFBtZ58kvhY1qgZDbnXaraz5dTN+um5jUTNp jmnqmVRiEs+UredmKUIQkQOnbY+sZNUPb25BX6ebdQ0p+aiJysJtO6fi/Au2K2PIj26RmwAK L2+DGSqFR183N8/XTBtb2qtFsvm1hO+jUtt7MB6+jf35AR+CDZd6c+ypqO+RpoS3G+5Cbiv0 D8jMQxWgZ8MTxAKlI5aUT2J2ep+cQxnm8J1NXM996MkUZE8+6CFeH8y/JftlsZ1dvaBs4eHC UqeE2xc6dFxrftDuDlFTtEDGCPmd/z5KWUAM0yX+pJXUiu4ljxtu0drdo/QfcNf4RTSw4JoI WE8WjHTnONfyMW860qJknddYB2/m+tpF4C/5ocNms3SaFYnMPOu1orn3imBMEeYmiX778FU+ CgZBIlftMwcY2+3EeWBTjbJdZnhJ0jD+akLRnjJWUXY9RtxYLS2D7nFZCiUiwjGrh+ctEs7U we4in7KOb1lZKykrH/DM70HgKRkSHnFqNSinbRA2ty8QoE04RIy56JNNgqDSthlgW/aY7Q4g d70eu5/GMuqvMAa8ONceuJZ6vEZ9vvPL0Boolac+I0hiS71KqqpvABEBAAHCwV8EGAECAAkF AlIzc8UCGwwACgkQCwJExA0NQxyxXxAAqaLaK7pYT+z89HDsIrgWIbOv1Fr+LuEWYLk9UFEm Y0S/Hl7WIII1XHnspeWauaA6XDQ14Lyw7ywmhwhbwfUPC+W2UXRZ/6azE+pxJYcde41pLXgY vBHrvs2thzsZNUHslwHoN/tNwRZLpg2tbRVCbjV7/xAWXl0WCmvOd0C5yMVKx4oQ6/Eg1EaW TiPpZ5DM0TKBQ99nzwx8yQs2AZSzgl/mx0e9jWFzsn0XiH8DJKiGK5biKiHN3gsorEULkAje /GqbYDQuHbT7khmKiLtLcXktV8OVTGAg+cJaHtmpRSUQ16Gji4IkZCt0ZTZclAs2EstECa5a zuehlSFo7wmVteR4/ox+qJvQjwI+CU2l4Rcz9l9QgAo5bhW74oQ4mcN3o9OzRo85e8DVaR8K jKe2BHpSRV7mpiRXQ/t7sNKZN3w8mMIXzq5xa+TFWaVHJfOLwKvtFpL/7gRBZV2+yqV/J35b CjTFOY1/+fA5hwODGBz/SiHv21t11Nnk6yg9Solpc4HG47V24h2lTwlEfIUTpuwhYG+LBY48 uPJXU+CdBcyHUwWSA/O1/vXMuJ6byXTbcwtrwBnIO3hoBfxIfGVIgzjwI+/PkDEyn3m0+IAX 7ipOURNtfmY71UIeV+kk2j9tHWlcx8yOmStvZ3JFpAuqgZhrDa9aAlaq9GyT/t3HsKs= Message-ID: <69017167-6e7a-dcaa-424e-38efed39596a@osg.samsung.com> Date: Fri, 6 Apr 2018 13:00:57 -0600 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.7.0 MIME-Version: 1.0 In-Reply-To: <2bbe1e03-82e6-49c4-ca5b-30ada36a6e5a@cogentembedded.com> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 04/06/2018 02:01 AM, Sergei Shtylyov wrote: > Hello! > > On 4/6/2018 1:31 AM, Shuah Khan wrote: > >> Validate !rhport < 0 before using it to access port_status array. > >    Why '!'? > I should have explained it better in the commit log. rhport is set based on input wIndex which could be 0. This isn't the case for all the Request but some. wIndex is range checked in the code paths that it shouldn't be. The same applies to rhport in some request handling paths. Without the checks there is the potential for out of bounds access on port_status array. thanks, -- Shuah