Revision 00d6058ac93048b525b86fa48b413dcb87ac2728 authored by Ian Abbott on 26 June 2006, 10:44:22 UTC, committed by Greg Kroah-Hartman on 12 July 2006, 23:03:22 UTC
The anti user-DoS mechanism in the USB serial 'visor' driver can fail in the following way: visor_open: priv->outstanding_urbs = 0 visor_write: ++priv->outstanding_urbs visor_close: visor_open: priv->outstanding_urbs = 0 visor_write_bulk_callback: --priv->outstanding_urbs So priv->outstanding_urbs ends up as (unsigned long)(-1). Not good! I haven't seen this happen with the visor driver as I don't have the hardware, but I have seen it while testing a patch to implement the same functionality in the ftdi_sio driver (patch not yet submitted). The fix is pretty simple: don't reinitialize outstanding_urbs in visor_open. (Again, I haven't tested the fix in visor, but I have tested it in ftdi_sio.) Signed-off-by: Ian Abbott <abbotti@mev.co.uk> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
1 parent 5650b4d
File | Mode | Size |
---|---|---|
Documentation | ||
arch | ||
block | ||
crypto | ||
drivers | ||
fs | ||
include | ||
init | ||
ipc | ||
kernel | ||
lib | ||
mm | ||
net | ||
scripts | ||
security | ||
sound | ||
usr | ||
.gitignore | -rw-r--r-- | 462 bytes |
COPYING | -rw-r--r-- | 18.3 KB |
CREDITS | -rw-r--r-- | 87.4 KB |
Kbuild | -rw-r--r-- | 1.2 KB |
MAINTAINERS | -rw-r--r-- | 69.7 KB |
Makefile | -rw-r--r-- | 46.1 KB |
README | -rw-r--r-- | 16.2 KB |
REPORTING-BUGS | -rw-r--r-- | 3.0 KB |
![swh spinner](/static/img/swh-spinner.gif)
Computing file changes ...