Re: [PATCH] USB: s2255 & stkwebcam: fix oops with malicious USB descriptors

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I am so sorry. I misunderstood the reason of  CVE-2016-2188.

Sorry again!!!

On Fri, Apr 12, 2019 at 5:07 PM Bjørn Mork <bjorn@xxxxxxx> wrote:
>
> Yang Xiao <92siuyang@xxxxxxxxx> writes:
>
> > If given malicious descritors that spcify 0 for the number of endpoints,
> > then there is a null pointer deference when calling function
> > usb_endpoint_is_bulk_in.
> >
> >        for (i = 0; i < iface_desc->desc.bNumEndpoints; ++i) {
>
> Try this:
>
> #include <stdio.h>
> int main()
> {
>         int i;
>         for (i=0; i<0; ++i)
>                 printf("%d\n");
>         return 0;
> }
>
> How many lines did it print?
>
>
> Bjørn




[Index of Archives]     [Linux Input]     [Video for Linux]     [Gstreamer Embedded]     [Mplayer Users]     [Linux USB Devel]     [Linux Audio Users]     [Linux Kernel]     [Linux SCSI]     [Yosemite Backpacking]

  Powered by Linux