lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 25 Sep 2012 15:12:33 +0530
From:	Vivek Gautam <gautamvivek1987@...il.com>
To:	Greg KH <greg@...ah.com>
Cc:	"Sebastian Gottschall (DD-WRT)" <s.gottschall@...wrt.com>,
	linux-kernel@...r.kernel.org, linux-usb@...r.kernel.org
Subject: Re: XHCI Bug discovered in 3.6-RC6 (solution included)

Hi

I have posted the required patch for this:
usb: host: xhci: Fix Null pointer dereferencing with 71c731a for non-x86 systems

Can we please get that in ?

On Tue, Sep 18, 2012 at 8:06 PM, Greg KH <greg@...ah.com> wrote:
> On Tue, Sep 18, 2012 at 02:51:57AM +0200, Sebastian Gottschall (DD-WRT) wrote:
>> this following function is missing a important NULL check. if DMI is
>> not available or not enabled in the kernel config (which is common
>> in my case, since its a ARM Platform with XHCI support)
>> the xhci-hcd driver will crash due nullpointer access since
>> dmi_get_system_info returns always NULL if DMI support is not
>> enabled.
>>
>> static bool compliance_mode_recovery_timer_quirk_check(void)
>> {
>>     const char *dmi_product_name, *dmi_sys_vendor;
>>
>>     dmi_product_name = dmi_get_system_info(DMI_PRODUCT_NAME);
>>     dmi_sys_vendor = dmi_get_system_info(DMI_SYS_VENDOR);
>>
>>     if (!(strstr(dmi_sys_vendor, "Hewlett-Packard")))
>>         return false;
>>
>>     if (strstr(dmi_product_name, "Z420") ||
>>             strstr(dmi_product_name, "Z620") ||
>>             strstr(dmi_product_name, "Z820"))
>>         return true;
>>
>>     return false;
>> }
>>
>> proposed patch: simply add
>>
>>  if (!dmi_sys_vendor || !dmi_product_name)
>>         return false;
>>
>> even better. disable the whole quirk handling for this case if
>> CONFIG_DMI is not set
>
> Care to send a patch to fix this up?
>
> thanks,
>
> greg k-h
> --
> To unsubscribe from this list: send the line "unsubscribe linux-usb" in
> the body of a message to majordomo@...r.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html

Thanks
vivek
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ