Re: [PATCH] usbcore: usb_set_configuration oops (NULL ptr dereference)
From: Alan Stern
Date: Thu Mar 09 2006 - 10:22:05 EST
On Thu, 9 Mar 2006, Horst Schirmeier wrote:
> When trying to deconfigure a device via usb_set_configuration(dev, 0),
> 2.6.16-rc kernels after 55c527187c9d78f840b284d596a0b298bc1493af oops
> with "Unable to handle NULL pointer dereference at...". This is due to
> an unchecked dereference of cp in the power budget part.
>
> Signed-off-by: Horst Schirmeier <horst@xxxxxxxxxxxxxx>
Acked-by: Alan Stern <stern@xxxxxxxxxxxxxxxxxxx>
>
> ---
>
> diff --git a/drivers/usb/core/message.c b/drivers/usb/core/message.c
> index 7135e54..96cabeb 100644
> --- a/drivers/usb/core/message.c
> +++ b/drivers/usb/core/message.c
> @@ -1388,11 +1388,13 @@ free_interfaces:
> if (dev->state != USB_STATE_ADDRESS)
> usb_disable_device (dev, 1); // Skip ep0
>
> - i = dev->bus_mA - cp->desc.bMaxPower * 2;
> - if (i < 0)
> - dev_warn(&dev->dev, "new config #%d exceeds power "
> - "limit by %dmA\n",
> - configuration, -i);
> + if (cp) {
> + i = dev->bus_mA - cp->desc.bMaxPower * 2;
> + if (i < 0)
> + dev_warn(&dev->dev, "new config #%d exceeds power "
> + "limit by %dmA\n",
> + configuration, -i);
> + }
>
> if ((ret = usb_control_msg(dev, usb_sndctrlpipe(dev, 0),
> USB_REQ_SET_CONFIGURATION, 0, configuration, 0,
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/