Received: by 2002:a05:6a10:a852:0:0:0:0 with SMTP id d18csp473415pxy;
        Wed, 5 May 2021 06:46:00 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJzzGtq4gur6Z1sljL7BM1hevxFO+ehIIyylmsuu9E+sLTg844W8kz+q10Pwi6roKPDSrr33
X-Received: by 2002:a17:906:87cc:: with SMTP id zb12mr28318501ejb.138.1620222360477;
        Wed, 05 May 2021 06:46:00 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1620222360; cv=none;
        d=google.com; s=arc-20160816;
        b=SZqtfIXacUON2JSqmpGIaFLlihmtZuzjgib2jjVtXT2saFNs5QWkF0i5QfF8pvfbUD
         dKJyInrSFp5UXrLArMhGkEDGEGPDEknPZK/iZA9Ghc+iMWAL3ZzYyhAEfzudiGDAVM6Q
         8PNCIDyEQ42Z0eXAYtZiDbze6PtKbCquzhaj0UyZq5UCeTvu2oHAC+Dwxc4GsVmMTQy1
         V+kg3ckJ6YUc4l0vWsP8pXpLtGw7JpL6pPPQ/dMGxEewBow+P/szkqfikiBCjfOunGre
         cUXfMr7b2A9lJRJntNl7y9MLupqekDuVAMgV3IN2xAdRwgCp5i6JlLYxWjUH3A/wJGaE
         996w==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:mime-version:user-agent:references:message-id
         :in-reply-to:subject:cc:to:from:date:dkim-signature;
        bh=OtxsVMWTQ7hshNnhzc9QfRt9G5mwYRFs++Kk+qGE+gs=;
        b=0718GxDHKp6qUfv4Wx4TRvPBV5bI6yGo9UP8PW2mm773IMEYL9942M8zhm0oiMKsho
         d+CUgtC/vQxUIMXQzVyJbmUnPYFSHGgRWPcoVJz0pQq9WYX6ttcrG/yv1tGM9dE7UPBc
         mOHTnWONnC5+Fgj0uthZKQM5R85xgZyYjzVEJ1lm+H5r/7sEWoYY3BINLWZccSbxPX1F
         BCYqMm2C7RzjgIYpEowz4+8yGHd9RBcMYdGqTvZk5LqtAP2wdkA2OOCjMO2IbRxZCkKL
         zEvs37Yasx0eVr31OLO5IGCEq1uyRoglBqt5E9zRdwTMlYzyNF0PN2ptsVl3Lf439WYu
         RINw==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@kernel.org header.s=k20201202 header.b=LAp8N+Nd;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id p1si14343323edm.205.2021.05.05.06.45.36;
        Wed, 05 May 2021 06:46:00 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@kernel.org header.s=k20201202 header.b=LAp8N+Nd;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S233602AbhEEN3c (ORCPT <rfc822;liyi.pear@gmail.com> + 99 others);
        Wed, 5 May 2021 09:29:32 -0400
Received: from mail.kernel.org ([198.145.29.99]:38280 "EHLO mail.kernel.org"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S232626AbhEEN3b (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 5 May 2021 09:29:31 -0400
Received: by mail.kernel.org (Postfix) with ESMTPSA id 6BF8D6121F;
        Wed,  5 May 2021 13:28:33 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
        s=k20201202; t=1620221315;
        bh=XruXOpQ6wk1MGWHgkFB3iuhkA4jJMCmzu3vUC8XzJ4M=;
        h=Date:From:To:cc:Subject:In-Reply-To:References:From;
        b=LAp8N+NdGcNdSz6GCpw2RKH5cAZom5NPGkWRfuDBgtGEGlKf9N9H1d532wxCkTvDZ
         mPq0clfTA5bR9uj5VRq2Z519SjX6NWuzQ4cptJ/fcLc4F6IafnJLXuJA2u6iG4rvKo
         2QKFew52Y64dXnyatpNLJurU5z82xYzZLkk1QIyeedNxBbv/W6VlrUUl3V4QMrC7D4
         1dso7sHv+uZcOMtFN5thYm/vgA/PmfeTw+qpXBz05fUzVcPKK5qDhyzcxcPHtA2aEj
         jmacfjleFZTswaq11csddjymUpht9AAxQIkajSbJ0NEhdGCZoV3Kar9CdyKmdI4ICf
         lNvIGqRtPCG6A==
Date:   Wed, 5 May 2021 15:28:31 +0200 (CEST)
From:   Jiri Kosina <jikos@kernel.org>
To:     Benjamin Tissoires <benjamin.tissoires@redhat.com>
cc:     Anirudh Rayabharam <mail@anirudhrb.com>,
        Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        linux-kernel-mentees@lists.linuxfoundation.org,
        syzbot+7c2bb71996f95a82524c@syzkaller.appspotmail.com,
        Linux USB Mailing List <linux-usb@vger.kernel.org>,
        "open list:HID CORE LAYER" <linux-input@vger.kernel.org>,
        lkml <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH] usbhid: fix info leak in hid_submit_ctrl
In-Reply-To: <CAO-hwJJ4u5NZ-81Tq3PGu-F9r3iUSCiKp=JUsTfuVsyd-Sxsew@mail.gmail.com>
Message-ID: <nycvar.YFH.7.76.2105051528090.28378@cbobk.fhfr.pm>
References: <20210425173353.10231-1-mail@anirudhrb.com> <nycvar.YFH.7.76.2105051442120.28378@cbobk.fhfr.pm> <CAO-hwJJ4u5NZ-81Tq3PGu-F9r3iUSCiKp=JUsTfuVsyd-Sxsew@mail.gmail.com>
User-Agent: Alpine 2.21 (LSU 202 2017-01-01)
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Wed, 5 May 2021, Benjamin Tissoires wrote:

> I don't have a reproducer like syzbot has for the exact bug here, as I 
> am relying on one real USB device to check if usbhid is not too broken. 
> However, the test suite should catch if there is an error implied by the 
> hid_report_len() change.

Yes, that was exactly what I wanted to check, sorry for not being verbose 
enough :)

> Anyway, I manually started the job and will report when it is done.

Thanks,

-- 
Jiri Kosina
SUSE Labs