On 26/06/06 11:44, Ian Abbott wrote: > From: Ian Abbott <[EMAIL PROTECTED]> > > The anti user-DoS mechanism in the USB serial 'visor' driver can fail in > the following way: > > visor_open: priv->outstanding_urbs = 0 > visor_write: ++priv->outstanding_urbs > visor_close: > visor_open: priv->outstanding_urbs = 0 > visor_write_bulk_callback: --priv->outstanding_urbs > > So priv->outstanding_urbs ends up as (unsigned long)(-1). Not good!
Actually, it's not quite as bad as that, as priv->outstanding_urbs is an int in visor.c. (It was an unsigned long in the ftdi_sio patch I was testing.) So in the case of the visor driver the only effect of the bug is that it will allow slightly more outstanding URBs (in theory up to twice as many) before the limiter kicks in. -- -=( Ian Abbott @ MEV Ltd. E-mail: <[EMAIL PROTECTED]> )=- -=( Tel: +44 (0)161 477 1898 FAX: +44 (0)161 718 3587 )=- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ [email protected] To unsubscribe, use the last form field at: https://lists.sourceforge.net/lists/listinfo/linux-usb-devel
