NULL pointer dereferrence will happen when class driver wants to allocate zero length buffer and pool_max[0] can't be used, so simply returns NULL in the case. Signed-off-by: Chunfeng Yun <chunfeng.yun@xxxxxxxxxxxx> --- drivers/usb/core/buffer.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/drivers/usb/core/buffer.c b/drivers/usb/core/buffer.c index 2741566..98e39f9 100644 --- a/drivers/usb/core/buffer.c +++ b/drivers/usb/core/buffer.c @@ -122,6 +122,9 @@ void *hcd_buffer_alloc( struct usb_hcd *hcd = bus_to_hcd(bus); int i; + if (size == 0) + return NULL; + /* some USB hosts just use PIO */ if (!IS_ENABLED(CONFIG_HAS_DMA) || (!bus->controller->dma_mask && -- 1.7.9.5 -- To unsubscribe from this list: send the line "unsubscribe linux-usb" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
