Closed edgetriggered closed 1 year ago
The sizeof(buf) passed to libusb_bulk_transfer was previously the size of the pointer returned from calloc rather than intended 64k BUF_SIZE, resulting in libusb either returning -EOVERFLOW or happily performing an out of bounds operation.
sizeof(buf)
libusb_bulk_transfer
calloc
BUF_SIZE
The
sizeof(buf)
passed tolibusb_bulk_transfer
was previously the size of the pointer returned fromcalloc
rather than intended 64kBUF_SIZE
, resulting in libusb either returning -EOVERFLOW or happily performing an out of bounds operation.