On Mon, Feb 24, 2025 at 02:53:59PM +0530, Prashanth K wrote:
On 24-02-25 02:36 pm, Greg Kroah-Hartman wrote:
On Mon, Feb 24, 2025 at 02:26:04PM +0530, Prashanth K wrote:
If the USB configuration is not valid, then avoid checking for bmAttributes to prevent null pointer deference.
Cc: stable@vger.kernel.org Fixes: 40e89ff5750f ("usb: gadget: Set self-powered based on MaxPower and bmAttributes") Signed-off-by: Prashanth K prashanth.k@oss.qualcomm.com
drivers/usb/gadget/composite.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/usb/gadget/composite.c b/drivers/usb/gadget/composite.c index 4bcf73bae761..869ad99afb48 100644 --- a/drivers/usb/gadget/composite.c +++ b/drivers/usb/gadget/composite.c @@ -1051,7 +1051,7 @@ static int set_config(struct usb_composite_dev *cdev, usb_gadget_set_remote_wakeup(gadget, 0); done: if (power > USB_SELF_POWER_VBUS_MAX_DRAW ||
!(c->bmAttributes & USB_CONFIG_ATT_SELFPOWER))
(c && !(c->bmAttributes & USB_CONFIG_ATT_SELFPOWER)))-- 2.25.1
Have you checked linux-next yet for this fix that was posted last week? Does that not resolve the issue for you?
thanks,
greg k-h
I hope you are mentioning this one - https://lore.kernel.org/all/20250220120314.3614330-1-m.szyprowski@samsung.co...
Yes.
The above patch fixes null pointer in composite_suspend(), I'm trying to address a similar bug which is present in set_config(), it gets exposed if the requested configuration is not present in cdev->configs.
Ah, missed that, sorry. I'll go queue this up too.
thanks,
greg k-h