On Thu, 2016-03-17 at 12:44 +0100, Oliver Neukum wrote:
> On Wed, 2016-03-16 at 10:41 -0400, Alan Stern wrote:
>
> > While adding your check to usb_driver_claim_interface() is a reasonable
> > thing to do, it might not solve all the problems. A driver might still
> > try to use the invalid interface pointer (perhaps when writing out an
> > error message). It would be best to audit all the places that call
> > usb_ifnum_to_if() or usb_altnum_to_altsetting() or
> > usb_find_alt_setting() to be certain they don't try to dereference a
> > NULL pointer.
>
> I concur. I am not looking forward to that.
usb_driver_claim_interface() is done. One vulnerable driver found.
Patch submitted.
Regards
Oliver
--
To unsubscribe from this list: send the line "unsubscribe linux-usb" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
