CVS commit: src/sys/dev/usb

To: source-changes%NetBSD.org@localhost
Subject: CVS commit: src/sys/dev/usb
From: "Maxime Villard" <maxv%netbsd.org@localhost>
Date: Sun, 31 May 2020 17:52:59 +0000

Module Name:    src
Committed By:   maxv
Date:           Sun May 31 17:52:59 UTC 2020

Modified Files:
        src/sys/dev/usb: usb_subr.c

Log Message:
If we failed because we didn't encounter an endpoint, do not attempt to
read 'ed', because its value is past the end of the buffer, and we thus
perform out-of-bounds accesses.

Detected thanks to vHCI+KASAN. First bug found by USB fuzzing.

Reported-by: syzbot+59e7f6b3f353584ac810%syzkaller.appspotmail.com@localhost


To generate a diff of this commit:
cvs rdiff -u -r1.244 -r1.245 src/sys/dev/usb/usb_subr.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: src/external/mpl/bind/dist/lib/isc/unix
Next by Date: CVS commit: src/sys/dev/usb
Previous by Thread: CVS commit: src/external/mpl/bind/dist/lib/isc/unix
Next by Thread: CVS commit: src/sys/dev/usb
Indexes:

Home | Main Index | Thread Index | Old Index