Re: [PATCH 5.4 17/78] HID: Fix slab-out-of-bounds read in hid_field_extract (Broken!)

From: Jiri Kosina
Date: Wed Feb 05 2020 - 04:54:50 EST

Next message: Wei Yang: "Re: [PATCH v6 08/10] mm/memory_hotplug: Don't check for "all holes" in shrink_zone_span()"
Previous message: Miquel Raynal: "Re: [PATCH v3 4/5] mtd: spinand: micron: Add M70A series Micron SPI NAND devices"
In reply to: Enderborg, Peter: "Re: [PATCH 5.4 17/78] HID: Fix slab-out-of-bounds read in hid_field_extract (Broken!)"
Next in thread: peter enderborg: "Re: [PATCH 5.4 17/78] HID: Fix slab-out-of-bounds read in hid_field_extract (Broken!)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 5 Feb 2020, Enderborg, Peter wrote:

> >> This patch breaks Elgato StreamDeck.
>
> > Does that mean the device is broken with a too-large of a report?
>
> Yes.

In which way does the breakage pop up? Are you getting "report too long"
errors in dmesg, or the device just doesn't enumerate at all?

Could you please post /sys/kernel/debug/hid/<device>/rdesc contents, and
if the device is at least semi-alive, also contents of
/sys/kernel/debug/hid/<device>/events from the time it misbehaves?

> > Is it broken in Linus's tree? If so, can you work with the HID
> > developers to fix it there so we can backport the fix to all stable
> > trees?
>
> I cant see that there are any other fixes upon this so I dont think so.
> I can try.
>
>
> Jiri is in the loop. I guess he is the "HID developers" ?

Thanks,

--
Jiri Kosina
SUSE Labs

Next message: Wei Yang: "Re: [PATCH v6 08/10] mm/memory_hotplug: Don't check for "all holes" in shrink_zone_span()"
Previous message: Miquel Raynal: "Re: [PATCH v3 4/5] mtd: spinand: micron: Add M70A series Micron SPI NAND devices"
In reply to: Enderborg, Peter: "Re: [PATCH 5.4 17/78] HID: Fix slab-out-of-bounds read in hid_field_extract (Broken!)"
Next in thread: peter enderborg: "Re: [PATCH 5.4 17/78] HID: Fix slab-out-of-bounds read in hid_field_extract (Broken!)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]