Closed cbiffle closed 3 years ago
Is this repo a mirror, and I need to go elsewhere? This patch fixes a use of uninitialized stack memory controlled by data sent back by the device...
Would it be an alternative to truncate the string to what is sent back and only add "(truncated)" or "(malformed descriptor)" or something? Strictly it is an error but if the user wants to get as much information as possible from the device, we could be helpful.
Should now be fixed with e3a98cd4870e ("usbmisc: initialize string buffer before reading from device.") instead.
Thanks for reporting this!
This fixes a read out of bounds when a misbehaving USB device describes its string as being longer than what it actually sends back. Noticed this because libusb kept saying things like
Notice how the same string changes? That's because it's actually only six characters long; the rest is uninitialized stack memory.
Such malformed strings now print as (error).
Signed-off-by: Cliff L. Biffle <code@cliffle.com>
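The failure mode described in this thread, as an added example (not the code from this patch or from the project): a decoder that bounds every read by the number of bytes the device actually returned rather than by the descriptor's self-reported `bLength`. It goes one step past the patch by also implementing the truncate-and-flag alternative raised in the discussion. The function names, the status enum, and the sample descriptor are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum str_status { STR_OK = 0, STR_TRUNCATED = 1, STR_MALFORMED = -1 };

/* Decode a USB string descriptor (bLength, bDescriptorType=0x03, UTF-16LE)
 * into out as NUL-terminated ASCII, non-printable units become '?'.
 * received = bytes the control transfer actually returned. Nothing at or
 * beyond min(bLength, received) is ever read. */
static enum str_status decode_string_desc(const uint8_t *buf, size_t received,
                                          char *out, size_t outlen)
{
    if (outlen == 0)
        return STR_MALFORMED;
    out[0] = '\0';
    if (received < 2 || buf[0] < 2 || buf[1] != 0x03)
        return STR_MALFORMED;

    size_t claimed = buf[0];                      /* device-controlled */
    size_t usable = claimed < received ? claimed : received;
    usable &= ~(size_t)1;                         /* whole code units only */

    size_t o = 0;
    for (size_t i = 2; i + 2 <= usable && o + 1 < outlen; i += 2) {
        uint16_t cu = (uint16_t)(buf[i] | (buf[i + 1] << 8));
        out[o++] = (cu >= 0x20 && cu < 0x7f) ? (char)cu : '?';
    }
    out[o] = '\0';
    return claimed > received ? STR_TRUNCATED : STR_OK;
}

/* Constructed sample: descriptor claims 26 bytes, device sends 14 (6 chars). */
static char demo_out[32];
static enum str_status demo(void)
{
    static const uint8_t sent[] = { 0x1a, 0x03, 'W', 0, 'i', 0, 'd', 0,
                                    'g', 0, 'e', 0, 't', 0 };
    uint8_t buf[32];
    memset(buf, 0xAA, sizeof buf);    /* stands in for stale stack contents */
    memcpy(buf, sent, sizeof sent);
    return decode_string_desc(buf, sizeof sent, demo_out, sizeof demo_out);
}

int main(void)
{
    enum str_status st = demo();
    printf("%s%s\n", demo_out, st == STR_TRUNCATED ? " (truncated)" : "");
    return 0;
}
```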