Fix buffer overflow - Githubissues

STMicroelectronics / stm32-mw-usb-host

Provides the USB Host library part of the STM32Cube MCU Component "middleware" for all STM32xx series.

Other

32 stars 15 forks source link

Fix buffer overflow #3

Closed Defonceuse closed 2 years ago

Defonceuse commented 2 years ago

In case the descriptor contains more endpoints than USBH_MAX_NUM_ENDPOINTS the Ep_Desc array and subsequent members of USBH_HandleTypeDef that contains function pointers are overwritten allowing arbitrary code execution.

IMPORTANT INFORMATION

Contributor License Agreement (CLA)

The Pull Request feature will be considered by STMicroelectronics after the signature of a Contributor License Agreement (CLA) by the submitter.
If you did not sign such agreement, please follow the steps mentioned in the CONTRIBUTING.md file.

ST-dot-com commented 2 years ago

This pull request has been refused, the Contribution License Agreement must be signed.