Revision 00d6058ac93048b525b86fa48b413dcb87ac2728 authored by Ian Abbott on 26 June 2006, 10:44:22 UTC, committed by Greg Kroah-Hartman on 12 July 2006, 23:03:22 UTC
The anti user-DoS mechanism in the USB serial 'visor' driver can fail in the following way: visor_open: priv->outstanding_urbs = 0 visor_write: ++priv->outstanding_urbs visor_close: visor_open: priv->outstanding_urbs = 0 visor_write_bulk_callback: --priv->outstanding_urbs So priv->outstanding_urbs ends up as (unsigned long)(-1). Not good! I haven't seen this happen with the visor driver as I don't have the hardware, but I have seen it while testing a patch to implement the same functionality in the ftdi_sio driver (patch not yet submitted). The fix is pretty simple: don't reinitialize outstanding_urbs in visor_open. (Again, I haven't tested the fix in visor, but I have tested it in ftdi_sio.) Signed-off-by: Ian Abbott <abbotti@mev.co.uk> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
1 parent 5650b4d
| File | Mode | Size |
|---|---|---|
| Kconfig | -rw-r--r-- | 10.5 KB |
| Makefile | -rw-r--r-- | 1.1 KB |
| aes.c | -rw-r--r-- | 11.6 KB |
| anubis.c | -rw-r--r-- | 27.8 KB |
| api.c | -rw-r--r-- | 6.4 KB |
| arc4.c | -rw-r--r-- | 2.1 KB |
| blowfish.c | -rw-r--r-- | 17.5 KB |
| cast5.c | -rw-r--r-- | 34.2 KB |
| cast6.c | -rw-r--r-- | 21.5 KB |
| cipher.c | -rw-r--r-- | 11.1 KB |
| compress.c | -rw-r--r-- | 1.5 KB |
| crc32c.c | -rw-r--r-- | 2.5 KB |
| crypto_null.c | -rw-r--r-- | 3.3 KB |
| deflate.c | -rw-r--r-- | 5.4 KB |
| des.c | -rw-r--r-- | 35.4 KB |
| digest.c | -rw-r--r-- | 2.8 KB |
| hmac.c | -rw-r--r-- | 3.1 KB |
| internal.h | -rw-r--r-- | 2.8 KB |
| khazad.c | -rw-r--r-- | 51.9 KB |
| md4.c | -rw-r--r-- | 6.2 KB |
| md5.c | -rw-r--r-- | 7.2 KB |
| michael_mic.c | -rw-r--r-- | 3.5 KB |
| proc.c | -rw-r--r-- | 2.8 KB |
| scatterwalk.c | -rw-r--r-- | 2.8 KB |
| scatterwalk.h | -rw-r--r-- | 2.0 KB |
| serpent.c | -rw-r--r-- | 20.0 KB |
| sha1.c | -rw-r--r-- | 3.1 KB |
| sha256.c | -rw-r--r-- | 11.0 KB |
| sha512.c | -rw-r--r-- | 10.3 KB |
| tcrypt.c | -rw-r--r-- | 34.3 KB |
| tcrypt.h | -rw-r--r-- | 103.9 KB |
| tea.c | -rw-r--r-- | 7.3 KB |
| tgr192.c | -rw-r--r-- | 31.1 KB |
| twofish.c | -rw-r--r-- | 45.0 KB |
| wp512.c | -rw-r--r-- | 60.3 KB |
Computing file changes ...
