[PATCH] hid-core: Zero-pad truncated reports
When it detects a truncated report, hid-core emits a warning and then processes the report as usual. This is good because it allows buggy devices to still get data thru to userspace. However, the missing bytes of the report should be cleared before processing, otherwise userspace will be handed partially-uninitialized data. This fixes Debian tracker bug #330487. Signed-off-by: Adam Kropelin <akropel1@rochester.rr.com> Cc: Vojtech Pavlik <vojtech@suse.cz> Acked-by: Dmitry Torokhov <dtor_core@ameritech.net> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
This commit is contained in:
Родитель
fb79ffa4dd
Коммит
cd6104572b
|
@ -893,8 +893,10 @@ static int hid_input_report(int type, struct urb *urb, int interrupt, struct pt_
|
|||
|
||||
size = ((report->size - 1) >> 3) + 1;
|
||||
|
||||
if (len < size)
|
||||
if (len < size) {
|
||||
dbg("report %d is too short, (%d < %d)", report->id, len, size);
|
||||
memset(data + len, 0, size - len);
|
||||
}
|
||||
|
||||
if (hid->claimed & HID_CLAIMED_HIDDEV)
|
||||
hiddev_report_event(hid, report);
|
||||
|
|
Загрузка…
Ссылка в новой задаче