brain-hackers_pepepper-mirror/linux-brain
1
0
Fork 0
mirror of https://github.com/brain-hackers/linux-brain.git synced 2024-06-09 15:26:21 +09:00
Code Issues Projects Releases Wiki Activity
4.14.x+fslc
linux-brain/sound/usb
History
Takashi Iwai 73e6a383d1 ALSA: bcd2000: Add a sanity check for invalid EPs 
commit 6815a0b444 upstream.

As syzkaller spotted, currently bcd2000 driver submits a URB with the
fixed EP without checking whether it's actually available, which may
result in a kernel warning like:
  usb 1-1: BOGUS urb xfer, pipe 1 != type 3
  ------------[ cut here ]------------
  WARNING: CPU: 0 PID: 1846 at drivers/usb/core/urb.c:449
  usb_submit_urb+0xf8a/0x11d0
  Modules linked in:
  CPU: 0 PID: 1846 Comm: kworker/0:2 Not tainted
  4.14.0-rc2-42613-g1488251d1a98 #238
  Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011
  Workqueue: usb_hub_wq hub_event
  Call Trace:
   bcd2000_init_device sound/usb/bcd2000/bcd2000.c:289
   bcd2000_init_midi sound/usb/bcd2000/bcd2000.c:345
   bcd2000_probe+0xe64/0x19e0 sound/usb/bcd2000/bcd2000.c:406
   usb_probe_interface+0x35d/0x8e0 drivers/usb/core/driver.c:361
   ....

This patch adds a sanity check of validity of EPs at the device
initialization phase for avoiding the call with an invalid EP.

Reported-by: Andrey Konovalov <andreyknvl@google.com>
Tested-by: Andrey Konovalov <andreyknvl@google.com>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2018-02-25 11:07:48 +01:00
..
6fire ALSA: 6fire: Use common error handling code in usb6fire_chip_probe() 2017-09-07 10:29:35 +02:00
bcd2000 ALSA: bcd2000: Add a sanity check for invalid EPs 2018-02-25 11:07:48 +01:00
caiaq ALSA: caiaq: Add a sanity check for invalid EPs 2018-02-25 11:07:48 +01:00
hiface ALSA: usb: constify snd_pcm_ops structures 2017-08-19 11:02:27 +02:00
line6 ALSA: line6: Add a sanity check for invalid EPs 2018-02-25 11:07:48 +01:00
misc ALSA: usb: constify snd_pcm_ops structures 2017-08-19 11:02:27 +02:00
usx2y License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
card.c ALSA: usb-audio: Check out-of-bounds access by corrupted buffer descriptor 2017-09-22 16:21:31 +02:00
card.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
clock.c ALSA: usb-audio: Add sanity checks in v2 clock parsers 2017-11-30 08:40:48 +00:00
clock.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
debug.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
endpoint.c ALSA: usb-audio: test EP_FLAG_RUNNING at urb completion 2017-01-05 07:35:17 +01:00
endpoint.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
format.c ALSA: usb-audio: rmove print for failure of kmalloc 2016-08-22 11:41:02 +02:00
format.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
helper.c ALSA: usb-audio: correct speed checking 2016-05-08 11:42:04 +02:00
helper.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
Kconfig ALSA: us122l: enable compile testing 2017-05-15 11:02:14 +02:00
Makefile License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
midi.c ALSA: usb-audio: Put missing KERN_CONT prefix 2017-08-31 11:02:13 +02:00
midi.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
mixer_maps.c ALSA: usb-audio: Change structure initialisation to C99 style 2016-06-17 16:58:41 +02:00
mixer_quirks.c ALSA: usb-audio: Add mute TLV for playback volumes on C-Media devices 2017-08-17 17:52:16 +02:00
mixer_quirks.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
mixer_scarlett.c ALSA: usb-audio: constify snd_kcontrol_new structures 2017-02-21 22:02:03 +01:00
mixer_scarlett.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
mixer_us16x08.c ALSA: usb: Avoid VLA in mixer_us16x08.c 2017-05-31 08:46:19 +02:00
mixer_us16x08.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
mixer.c ALSA: usb-audio: Fix UAC2 get_ctl request with a RANGE attribute 2018-02-22 15:42:30 +01:00
mixer.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
pcm.c ALSA: usb-audio: add implicit fb quirk for Behringer UFX1204 2018-02-22 15:42:31 +01:00
pcm.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
power.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
proc.c ALSA: usb-audio: Avoid nested autoresume calls 2015-08-26 15:38:25 +02:00
proc.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
quirks-table.h ALSA: usb-audio: Add quirk for Syntek STK1160 2016-10-27 12:07:19 +02:00
quirks.c ALSA: usb: add more device quirks for USB DSD devices 2018-02-22 15:42:31 +01:00
quirks.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
stream.c ALSA: usb: Delete an error message for a failed memory allocation in two functions 2017-08-12 23:20:55 +02:00
stream.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
usbaudio.h Merge branch 'for-linus' into for-next 2016-05-10 16:06:04 +02:00