Revision 00d6058ac93048b525b86fa48b413dcb87ac2728 authored by Ian Abbott on 26 June 2006, 10:44:22 UTC, committed by Greg Kroah-Hartman on 12 July 2006, 23:03:22 UTC
The anti user-DoS mechanism in the USB serial 'visor' driver can fail in the following way: visor_open: priv->outstanding_urbs = 0 visor_write: ++priv->outstanding_urbs visor_close: visor_open: priv->outstanding_urbs = 0 visor_write_bulk_callback: --priv->outstanding_urbs So priv->outstanding_urbs ends up as (unsigned long)(-1). Not good! I haven't seen this happen with the visor driver as I don't have the hardware, but I have seen it while testing a patch to implement the same functionality in the ftdi_sio driver (patch not yet submitted). The fix is pretty simple: don't reinitialize outstanding_urbs in visor_open. (Again, I haven't tested the fix in visor, but I have tested it in ftdi_sio.) Signed-off-by: Ian Abbott <abbotti@mev.co.uk> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
1 parent 5650b4d
| File | Mode | Size |
|---|---|---|
| Documentation | ||
| arch | ||
| block | ||
| crypto | ||
| drivers | ||
| fs | ||
| include | ||
| init | ||
| ipc | ||
| kernel | ||
| lib | ||
| mm | ||
| net | ||
| scripts | ||
| security | ||
| sound | ||
| usr | ||
| .gitignore | -rw-r--r-- | 462 bytes |
| COPYING | -rw-r--r-- | 18.3 KB |
| CREDITS | -rw-r--r-- | 87.4 KB |
| Kbuild | -rw-r--r-- | 1.2 KB |
| MAINTAINERS | -rw-r--r-- | 69.7 KB |
| Makefile | -rw-r--r-- | 46.1 KB |
| README | -rw-r--r-- | 16.2 KB |
| REPORTING-BUGS | -rw-r--r-- | 3.0 KB |
Computing file changes ...
