Thread (2 messages) 2 messages, 2 authors, 2018-04-09

Re: [PATCH] hidraw: Fix crash on HIDIOCGFEATURE with a destroyed device

From: Jiri Kosina <jikos@kernel.org>
Date: 2018-04-09 07:30:51
Also in: lkml 

On Fri, 6 Apr 2018, Rodrigo Rivas Costa wrote:

Doing `ioctl(HIDIOCGFEATURE)` in a tight loop on a hidraw device
and then disconnecting the device, or unloading the driver, can
cause a NULL pointer dereference.

When a hidraw device is destroyed it sets 0 to `dev->exist`.
Most functions check 'dev->exist' before doing its work, but
`hidraw_get_report()` was missing that check.

Signed-off-by: Rodrigo Rivas Costa <redacted>
Applied, thank you.

-- 
Jiri Kosina
SUSE Labs
Keyboard shortcuts
hback out one level
jnext message in thread
kprevious message in thread
ldrill in
Escclose help / fold thread tree
?toggle this help