git: 3d5104182c2e - main - ued may be NULL here which will cause a panic... reproducable by simply doing a usbconfig reset on a device which doesn't reset itself properly...
John-Mark Gurney
jmg at FreeBSD.org
Tue Jun 29 01:10:37 UTC 2021
The branch main has been updated by jmg:
URL: https://cgit.FreeBSD.org/src/commit/?id=3d5104182c2eb4336905e89aa0d089b67aa746e3
commit 3d5104182c2eb4336905e89aa0d089b67aa746e3
Author: John-Mark Gurney <jmg at FreeBSD.org>
AuthorDate: 2021-06-29 01:09:14 +0000
Commit: John-Mark Gurney <jmg at FreeBSD.org>
CommitDate: 2021-06-29 01:09:14 +0000
ued may be NULL here which will cause a panic... reproducable by
simply doing a usbconfig reset on a device which doesn't reset itself
properly...
---
sys/dev/usb/net/if_cdce.c | 16 ++++++++--------
1 file changed, 8 insertions(+), 8 deletions(-)
diff --git a/sys/dev/usb/net/if_cdce.c b/sys/dev/usb/net/if_cdce.c
index 64c31896d417..24813ea305e4 100644
--- a/sys/dev/usb/net/if_cdce.c
+++ b/sys/dev/usb/net/if_cdce.c
@@ -709,18 +709,18 @@ alloc_transfers:
if ((ued == NULL) || (ued->bLength < sizeof(*ued))) {
error = USB_ERR_INVAL;
} else {
+ /*
+ * ECM 1.2 doesn't say it excludes the CRC, but states that it's
+ * normally 1514, which excludes the CRC.
+ */
+ DPRINTF("max segsize: %d\n", UGETW(ued->wMaxSegmentSize));
+ if (UGETW(ued->wMaxSegmentSize) >= (ETHER_MAX_LEN - ETHER_CRC_LEN + ETHER_VLAN_ENCAP_LEN))
+ sc->sc_flags |= CDCE_FLAG_VLAN;
+
error = usbd_req_get_string_any(uaa->device, NULL,
eaddr_str, sizeof(eaddr_str), ued->iMacAddress);
}
- /*
- * ECM 1.2 doesn't say it excludes the CRC, but states that it's
- * normally 1514, which excludes the CRC.
- */
- DPRINTF("max segsize: %d\n", UGETW(ued->wMaxSegmentSize));
- if (UGETW(ued->wMaxSegmentSize) >= (ETHER_MAX_LEN - ETHER_CRC_LEN + ETHER_VLAN_ENCAP_LEN))
- sc->sc_flags |= CDCE_FLAG_VLAN;
-
if (error) {
/* fake MAC address */
More information about the dev-commits-src-all
mailing list