We have a touch device that reports its opens and shorts test results
in HID buffers of size 8184 bytes. With this patch we're able to
successfully obtain these reports.
Alan Stern: Your commit 8ec321e96e05 ("HID: Fix slab-out-of-bounds
read in hid_field_extract") states:
"This patch fixes the problem by rejecting any report whose total
length exceeds the HID_MAX_BUFFER_SIZE limit (minus one byte to allow
for a possible report index). In theory a device could have a report
longer than that, but if there was such a thing we wouldn't handle it
correctly anyway."
Is this something we have to worry about when increasing the buffer
size? Or are you referring to the fact that we previously truncated
the reports if they exceeded max buffer size?
Signed-off-by: Johan Korsnes <jkorsnes@xxxxxxxxx>
Cc: Alan Stern <stern@xxxxxxxxxxxxxxxxxxx>
Cc: Armando Visconti <armando.visconti@xxxxxx>
Cc: Jiri Kosina <jkosina@xxxxxxx>
---
include/linux/hid.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/include/linux/hid.h b/include/linux/hid.h
index cd41f209043f..875f71132b14 100644
--- a/include/linux/hid.h
+++ b/include/linux/hid.h
@@ -492,7 +492,7 @@ struct hid_report_enum {
};
#define HID_MIN_BUFFER_SIZE 64 /* make sure there is at least a packet size of space */
-#define HID_MAX_BUFFER_SIZE 4096 /* 4kb */
+#define HID_MAX_BUFFER_SIZE 8192 /* 8kb */
#define HID_CONTROL_FIFO_SIZE 256 /* to init devices with >100 reports */
#define HID_OUTPUT_FIFO_SIZE 64
--
2.24.1
