diff options
author | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2020-10-22 12:01:44 +0200 |
---|---|---|
committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2020-10-22 12:01:44 +0200 |
commit | e3a98cd4870e46cefbfaa1c6f3142c70351aba02 (patch) | |
tree | 907bc55a47b190edc8d9297da2611de53ade690f | |
parent | c527ab2fa4c9bc5b2fb19a689b79a9011136e56d (diff) | |
download | usbutils-e3a98cd4870e46cefbfaa1c6f3142c70351aba02.tar.gz |
usbmisc: initialize string buffer before reading from device.
Cliff Biffle points out that some devices lie about the length of their
string, so we end up with stack data in the string buffer, which is then
displayed by userspace. Fix this up by initializing the data to 0 first
before reading from the device.
Reported-by: Cliff L. Biffle <code@cliffle.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
-rw-r--r-- | usbmisc.c | 6 |
1 files changed, 6 insertions, 0 deletions
@@ -210,6 +210,12 @@ char *get_dev_string(libusb_device_handle *dev, uint8_t id) langid = get_any_langid(dev); if (!langid) return strdup("(error)"); + /* + * Some devices lie about their string size, so initialize + * the buffer with all 0 to account for that. + */ + memset(unicode_buf, 0x00, sizeof(unicode_buf)); + ret = libusb_get_string_descriptor(dev, id, langid, (unsigned char *) unicode_buf, sizeof unicode_buf); |