projects / pve-qemu-kvm.git / blame
| Commit | Line | Data |
|---|---|---|
| f9224757 WB |
1 | From f979659e509e9d6da5cd3d74c459b944e131ce73 Mon Sep 17 00:00:00 2001 |
| 2 | From: Prasad J Pandit <pjp@fedoraproject.org> | |
| 3 | Date: Thu, 11 Feb 2016 16:31:20 +0530 | |
| 4 | Subject: [PATCH] usb: check USB configuration descriptor object | |
| 5 | ||
| 6 | When processing remote NDIS control message packets, the USB Net | |
| 7 | device emulator checks to see if the USB configuration descriptor | |
| 8 | object is of RNDIS type(2). But it does not check if it is null, | |
| 9 | which leads to a null dereference error. Add check to avoid it. | |
| 10 | ||
| 11 | Reported-by: Qinghao Tang <luodalongde@gmail.com> | |
| 12 | Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org> | |
| 13 | --- | |
| 14 | hw/usb/dev-network.c | 3 ++- | |
| 15 | 1 file changed, 2 insertions(+), 1 deletion(-) | |
| 16 | ||
| 17 | diff --git a/hw/usb/dev-network.c b/hw/usb/dev-network.c | |
| 18 | index 7800cee..8a4ff49 100644 | |
| 19 | --- a/hw/usb/dev-network.c | |
| 20 | +++ b/hw/usb/dev-network.c | |
| 21 | @@ -653,7 +653,8 @@ typedef struct USBNetState { | |
| 22 | ||
| 23 | static int is_rndis(USBNetState *s) | |
| 24 | { | |
| 25 | - return s->dev.config->bConfigurationValue == DEV_RNDIS_CONFIG_VALUE; | |
| 26 | + return s->dev.config ? | |
| 27 | + s->dev.config->bConfigurationValue == DEV_RNDIS_CONFIG_VALUE : 0; | |
| 28 | } | |
| 29 | ||
| 30 | static int ndis_query(USBNetState *s, uint32_t oid, | |
| 31 | -- | |
| 32 | 2.1.4 | |
| 33 |