On 3.3.2022 12.43, Anssi Hannula wrote:
Hi,
On 3.3.2022 12.26, Mathias Nyman wrote:
From: Anssi Hannula anssi.hannula@bitwise.fi
xhci_decode_ctrl_ctx() returns the untouched buffer as-is if both "drop" and "add" parameters are zero.
Fix the function to return an empty string in that case.
It was not immediately clear from the possible call chains whether this issue is currently actually triggerable or not.
Note that before commit 4843b4b5ec64 ("xhci: fix even more unsafe memory Cc: stable@vger.kernel.org usage in xhci tracing") the result effect in the failure case was different as a static buffer was used here, but the code still worked incorrectly.
You added the Cc-stable line a few lines too early above :)
Oops, copypaste accident.
I'll resubmit
Thanks -Mathias