Source-Changes-HG archive


[src/trunk]: src/sys/dev/usb usbdi(9): Fix mistake in previous change to usbd...



details:   https://anonhg.NetBSD.org/src/rev/2cc754335598
branches:  trunk
changeset: 363479:2cc754335598
user:      riastradh <riastradh%NetBSD.org@localhost>
date:      Sun Mar 13 13:18:22 2022 +0000

description:
usbdi(9): Fix mistake in previous change to usbd_fill_iface_data.

The previous change stopped and rejected any descriptors smaller than
an endpoint descriptor.  Restore the previous behaviour: just skip
over them (but it will now reject descriptors that are smaller than
_any_ descriptor, which is legitimately a hardware error).

diffstat:

 sys/dev/usb/usb_subr.c |  44 +++++++++++++++++++++++---------------------
 1 files changed, 23 insertions(+), 21 deletions(-)

diffs (81 lines):

diff -r 00817165837e -r 2cc754335598 sys/dev/usb/usb_subr.c
--- a/sys/dev/usb/usb_subr.c    Sun Mar 13 13:07:39 2022 +0000
+++ b/sys/dev/usb/usb_subr.c    Sun Mar 13 13:18:22 2022 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: usb_subr.c,v 1.272 2022/03/13 11:30:12 riastradh Exp $ */
+/*     $NetBSD: usb_subr.c,v 1.273 2022/03/13 13:18:22 riastradh Exp $ */
 /*     $FreeBSD: src/sys/dev/usb/usb_subr.c,v 1.18 1999/11/17 22:33:47 n_hibma Exp $   */
 
 /*
@@ -32,7 +32,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: usb_subr.c,v 1.272 2022/03/13 11:30:12 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: usb_subr.c,v 1.273 2022/03/13 13:18:22 riastradh Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_compat_netbsd.h"
@@ -531,7 +531,9 @@
        USBHIST_CALLARGS(usbdebug, "ifaceidx=%jd altidx=%jd",
            ifaceidx, altidx, 0, 0);
        struct usbd_interface *ifc = &dev->ud_ifaces[ifaceidx];
+       usb_descriptor_t *desc;
        usb_interface_descriptor_t *idesc;
+       usb_endpoint_descriptor_t *ed;
        struct usbd_endpoint *endpoints;
        char *p, *end;
        int endpt, nendpt;
@@ -556,33 +558,33 @@
        KASSERTMSG((char *)dev->ud_cdesc <= (char *)idesc, "cdesc=%p idesc=%p",
            dev->ud_cdesc, idesc);
        KASSERTMSG((char *)idesc < end, "idesc=%p end=%p", idesc, end);
-#define ed ((usb_endpoint_descriptor_t *)p)
        for (endpt = 0; endpt < nendpt; endpt++) {
                DPRINTFN(10, "endpt=%jd", endpt, 0, 0, 0);
-               for (; end - p >= sizeof(*ed); p += ed->bLength) {
+               for (; end - p >= sizeof(*desc); p += desc->bLength) {
                        DPRINTFN(10, "p=%#jx end=%#jx len=%jd type=%jd",
-                           (uintptr_t)p, (uintptr_t)end, ed->bLength,
-                           ed->bDescriptorType);
-                       if (ed->bLength < sizeof(*ed) ||
-                           ed->bLength > end - p ||
-                           ed->bDescriptorType == UDESC_INTERFACE)
-                               break;
-                       if (ed->bLength >= USB_ENDPOINT_DESCRIPTOR_SIZE &&
-                           ed->bDescriptorType == UDESC_ENDPOINT)
-                               goto found;
-               }
-               /* passed end, or bad desc */
-               if (end - p >= sizeof(*ed)) {
-                       if (ed->bLength == 0) {
-                               printf("%s: bad descriptor: 0 length\n",
+                           (uintptr_t)p, (uintptr_t)end, desc->bLength,
+                           desc->bDescriptorType);
+                       desc = (usb_descriptor_t *)p;
+                       if (desc->bLength < sizeof(*desc)) {
+                               printf("%s: bad descriptor: too short\n",
                                    __func__);
-                       } else {
+                               goto bad;
+                       } else if (desc->bLength > end - p) {
+                               printf("%s: bad descriptor: too long\n",
+                                   __func__);
+                               goto bad;
+                       } else if (desc->bDescriptorType == UDESC_INTERFACE) {
                                printf("%s: bad descriptor: iface desc\n",
                                    __func__);
+                               goto bad;
                        }
-               } else {
-                       printf("%s: no desc found\n", __func__);
+                       if (desc->bLength >= USB_ENDPOINT_DESCRIPTOR_SIZE &&
+                           desc->bDescriptorType == UDESC_ENDPOINT) {
+                               ed = (usb_endpoint_descriptor_t *)p;
+                               goto found;
+                       }
                }
+               printf("%s: no desc found\n", __func__);
                goto bad;
        found:
                endpoints[endpt].ue_edesc = ed;
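Review bot: The `DPRINTFN(10, "p=%#jx end=%#jx len=%jd type=%jd", ...)` at the top of the inner loop reads `desc->bLength` and `desc->bDescriptorType` before `desc = (usb_descriptor_t *)p;` has run. On the first pass `desc` is uninitialized, and on later passes it still points at the previous descriptor, so the trace (presumably only in debug builds, where DPRINTFN expands to real code) dereferences a garbage pointer or logs stale values. Move `desc = (usb_descriptor_t *)p;` up so it is the first statement of the loop body, above the DPRINTFN. The length checks on the device-supplied `bLength` must stay ahead of the `p += desc->bLength` step, so the assignment should be hoisted rather than folded into the `for` header. The enclosing function starts before this hunk and continues after it, so whether `ed` is used on any other path cannot be checked from here.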


