linux/drivers/usb
Dongliang Mu bce2b05399 usb: idmouse: fix an uninit-value in idmouse_open
In idmouse_create_image, if any ftip_command fails, it will
go to the reset label. However, this leads to the data in
bulk_in_buffer[HEADER..IMGSIZE] uninitialized. And the check
for valid image incurs an uninitialized dereference.

Fix this by moving the check before reset label since this
check only be valid if the data after bulk_in_buffer[HEADER]
has concrete data.

Note that this is found by KMSAN, so only kernel compilation
is tested.

Reported-by: syzbot+79832d33eb89fb3cd092@syzkaller.appspotmail.com
Signed-off-by: Dongliang Mu <mudongliangabcd@gmail.com>
Link: https://lore.kernel.org/r/20220922134847.1101921-1-dzm91@hust.edu.cn
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2022-09-27 10:37:09 +02:00
..
atm usb: move from strlcpy with unused retval to strscpy 2022-08-19 11:08:54 +02:00
c67x00 USB: c67x00: remove unnecessary check of res 2022-05-12 11:36:46 +02:00
cdns3 usb: cdns3: remove dead code 2022-09-27 10:36:36 +02:00
chipidea usb: chipidea: make configs for glue drivers visible with EXPERT 2022-09-08 13:32:50 +02:00
class usb: cdc-wdm: Use skb_put_data() instead of skb_put/memcpy pair 2022-09-27 10:36:33 +02:00
common usb: ulpi: use DEFINE_SHOW_ATTRIBUTE to simplify ulpi_regs 2022-09-27 10:36:54 +02:00
core Merge 6.0-rc7 into usb-next 2022-09-26 10:38:21 +02:00
dwc2 usb: dwc2: Remove redundant license text 2022-09-22 15:52:29 +02:00
dwc3 Merge 6.0-rc7 into usb-next 2022-09-26 10:38:21 +02:00
early usb: early: xhci-dbc: Fix xdbc number parsing 2022-03-15 18:20:34 +01:00
gadget usb: gadget: uvc: add v4l2 try_format api call 2022-09-22 15:52:30 +02:00
host xhci: remove unused lpm_failed_dev member from struct xhci_hcd 2022-09-22 15:52:29 +02:00
image usb/image: fix repeated words in comments 2022-07-27 14:33:53 +02:00
isp1760 usb: isp1760: Fix out-of-bounds array access 2022-05-19 18:10:59 +02:00
misc usb: idmouse: fix an uninit-value in idmouse_open 2022-09-27 10:37:09 +02:00
mon usb: mon: make mmapped memory read only 2022-09-22 15:52:29 +02:00
mtu3 Tracing updates for 5.20 / 6.0 2022-08-05 09:41:12 -07:00
musb usb: musb: sunxi: Switch to use dev_err_probe() helper 2022-09-27 10:36:07 +02:00
phy USB: PHY: JZ4770: Switch to use dev_err_probe() helper 2022-09-27 10:37:00 +02:00
renesas_usbhs usb: renesas: Fix refcount leak bug 2022-06-21 16:39:03 +02:00
roles
serial Merge 6.0-rc7 into usb-next 2022-09-26 10:38:21 +02:00
storage Revert "usb: storage: Add quirk for Samsung Fit flash" 2022-09-22 15:52:31 +02:00
typec usb: typec: fusb302: Switch to use dev_err_probe() helper 2022-09-27 10:35:53 +02:00
usbip usbip: add USBIP_URB_* URB transfer flags 2022-08-31 09:07:53 +02:00
Kconfig usb: remove reference to deleted config STB03xxx 2021-08-18 15:32:19 +02:00
Makefile usb: host: remove line for obsolete config USB_HWA_HCD 2021-08-18 15:32:19 +02:00
usb-skeleton.c usb: usb-skeleton: Update min() to min_t() 2021-10-05 12:56:48 +02:00