ChangeSet 1.1939.1.70, 2004/09/29 16:20:23-07:00, [EMAIL PROTECTED]
[PATCH] USB: handle usb host allocation failures gracefully
It looks like a host (like ohci or whatever) could try to allocate a new
usb_device structure with usb_alloc_dev and get back a valid pointer even if
the allocation of its private data failed. I first saw this in the 2.4
sources, but it looks like 2.6 has the same problem. This patch attempts to
fix it by freeing dev if the ->allocate() routine fails, and then returns
NULL instead of a potentially dangerous dev pointer.
Signed-off-by: Jesse Barnes <[EMAIL PROTECTED]>
Signed-off-by: Greg Kroah-Hartman <[EMAIL PROTECTED]>
drivers/usb/core/usb.c | 5 ++++-
1 files changed, 4 insertions(+), 1 deletion(-)
diff -Nru a/drivers/usb/core/usb.c b/drivers/usb/core/usb.c
--- a/drivers/usb/core/usb.c 2004-10-19 08:07:25 -07:00
+++ b/drivers/usb/core/usb.c 2004-10-19 08:07:25 -07:00
@@ -775,7 +775,10 @@
init_MUTEX(&dev->serialize);
if (dev->bus->op->allocate)
- dev->bus->op->allocate(dev);
+ if (dev->bus->op->allocate(dev)) {
+ kfree(dev);
+ return NULL;
+ }
return dev;
}
-------------------------------------------------------
This SF.net email is sponsored by: IT Product Guide on ITManagersJournal
Use IT products in your business? Tell us what you think of them. Give us
Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more
http://productguide.itmanagersjournal.com/guidepromo.tmpl
_______________________________________________
[EMAIL PROTECTED]
To unsubscribe, use the last form field at:
https://lists.sourceforge.net/lists/listinfo/linux-usb-devel
