From 975f29984da4e25f2647d014ec3f4cf688c60e4d Mon Sep 17 00:00:00 2001
From: Hans de Goede <hdegoede@redhat.com>
Date: Fri, 26 Nov 2010 14:59:35 +0100
Subject: [PATCH] usb-linux: Refuse iso packets when max packet size is 0 (alt
 setting 0)

Refuse iso usb packets when then max packet size for the endpoint is 0,
this avoids an abort in usb_host_alloc_iso() caused by trying to qemu_malloc
a 0 bytes large buffer.
---
 usb-linux.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/usb-linux.c b/usb-linux.c
index 6aef7a5db0..4c42fe181a 100644
--- a/usb-linux.c
+++ b/usb-linux.c
@@ -549,7 +549,11 @@ static int urb_status_to_usb_ret(int status)
 static int usb_host_handle_iso_data(USBHostDevice *s, USBPacket *p)
 {
     AsyncURB *aurb;
-    int i, j, ret, len = 0;
+    int i, j, ret, max_packet_size, len = 0;
+
+    max_packet_size = get_max_packet_size(s, p->devep);
+    if (max_packet_size == 0)
+        return USB_RET_NAK;
 
     aurb = get_iso_urb(s, p->devep);
     if (!aurb) {