usbmisc: initialize string buffer before reading from device.

Cliff Biffle points out that some devices lie about the length of their string, so we end up with stack data in the string buffer, which is then displayed by userspace. Fix this up by initializing the data to 0 first before reading from the device. Reported-by: Cliff L. Biffle <code@cliffle.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
author: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2020-10-22 12:01:44 +0200
committer: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2020-10-22 12:01:44 +0200
commit: e3a98cd4870e46cefbfaa1c6f3142c70351aba02 (patch)
tree: 907bc55a47b190edc8d9297da2611de53ade690f
parent: c527ab2fa4c9bc5b2fb19a689b79a9011136e56d (diff)
download: usbutils-e3a98cd4870e46cefbfaa1c6f3142c70351aba02.tar.gz
1 files changed, 6 insertions, 0 deletions
diff --git a/usbmisc.c b/usbmisc.c
index 9a329f2..ba0591f 100644
--- a/usbmisc.c
+++ b/usbmisc.c
@@ -210,6 +210,12 @@ char *get_dev_string(libusb_device_handle *dev, uint8_t id)
 	langid = get_any_langid(dev);
 	if (!langid) return strdup("(error)");
 
+	/*
+	 * Some devices lie about their string size, so initialize
+	 * the buffer with all 0 to account for that.
+	 */
+	memset(unicode_buf, 0x00, sizeof(unicode_buf));
+
 	ret = libusb_get_string_descriptor(dev, id, langid,
 	                                   (unsigned char *) unicode_buf,
 	                                   sizeof unicode_buf);
author	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2020-10-22 12:01:44 +0200
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2020-10-22 12:01:44 +0200
commit	e3a98cd4870e46cefbfaa1c6f3142c70351aba02 (patch)
tree	907bc55a47b190edc8d9297da2611de53ade690f
parent	c527ab2fa4c9bc5b2fb19a689b79a9011136e56d (diff)
download	usbutils-e3a98cd4870e46cefbfaa1c6f3142c70351aba02.tar.gz