[PATCH v1] HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse()

Signed-off-by: Terry Junge --- v1: Remove unnecessary for loop searching for the report descriptor size. base-commit: 58c9bf3363e596d744f56616d407278ef5f97f5a P.S. This is an alternative to the solution proposed by Nikita Zhandarovich Link: https://lore.kernel.org/all/20250131151600.410242-1-n

Re: [PATCH v2] HID: usbhid: fix recurrent out-of-bounds bug in usbhid_parse()

s://lore.kernel.org/all/20240524120112.28076-1-n.zhandarov...@fintech.ru/ >>> >>> v2: Instead of essentially forcing usbhid_parse() to only check >>> the first descriptor, modify hid_descriptor struct to anticipate >>> multiple hid_class_descriptor in desc[] by utilizi

Re: [PATCH] HID: usbhid: fix recurrent out-of-bounds bug in usbhid_parse()

Sorry to join late and top post but I want to propose a direction change for this. According to the HID 1.11 specification section 6.2.1, the first element of the desc array must be the type and size of the mandatory report descriptor. There is no need to scan through the array to look for it.