linux_old1/drivers
Andrew Gabbasov aec17e1e24 usb: gadget: composite: Fix use-after-free in usb_composite_overwrite_options
KASAN enabled configuration reports an error

    BUG: KASAN: use-after-free in usb_composite_overwrite_options+...
                [libcomposite] at addr ...
    Read of size 1 by task ...

when some driver is un-bound and then bound again.
For example, this happens with FunctionFS driver when "ffs-test"
test application is run several times in a row.

If the driver has empty manufacturer ID string in initial static data,
it is then replaced with generated string. After driver unbinding
the generated string is freed, but the driver data still keep that
pointer. And if the driver is then bound again, that pointer
is re-used for string emptiness check.

The fix is to clean up the driver string data upon its unbinding
to drop the pointer to freed memory.

Fixes: cc2683c318 ("usb: gadget: Provide a default implementation of default manufacturer string")
Cc: stable@vger.kernel.org
Signed-off-by: Andrew Gabbasov <andrew_gabbasov@mentor.com>
Signed-off-by: Felipe Balbi <felipe.balbi@linux.intel.com>
2017-10-11 13:14:30 +03:00
..
accessibility
acpi ACPI/IORT: Fix PCI ACS enablement 2017-10-04 17:34:41 +01:00
amba
android android: binder: drop lru lock in isolate callback 2017-10-03 17:54:24 -07:00
ata ahci: don't ignore result code of ahci_reset_controller() 2017-10-02 12:21:30 -07:00
atm
auxdisplay auxdisplay: charlcd: properly restore atomic counter on error path 2017-09-18 16:06:00 +02:00
base Driver core fixes for 4.14-rc4 2017-10-03 08:57:07 -07:00
bcma
block Merge branch 'for-linus' of git://git.kernel.dk/linux-block 2017-10-06 12:13:50 -07:00
bluetooth
bus ARM: SoC driver updates for v4.14 2017-09-10 20:40:00 -07:00
cdrom
char Merge branch 'next-tpm' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2017-09-24 11:34:28 -07:00
clk clk: samsung: exynos4: Enable VPLL and EPLL clocks for suspend/resume cycle 2017-10-04 09:19:13 -07:00
clocksource x86/numachip: Add const and __initconst to numachip2_clockevent 2017-09-25 09:36:15 +02:00
connector
cpufreq cpufreq: dt: Fix sysfs duplicate filename creation for platform-device 2017-09-26 01:10:08 +02:00
cpuidle ARM: cpuidle: Avoid memleak if init fail 2017-09-19 23:10:51 +02:00
crypto crypto: caam - fix LS1021A support on ARMv7 multiplatform kernel 2017-09-20 17:42:42 +08:00
dax - Some request-based DM core and DM multipath fixes and cleanups 2017-09-14 13:43:16 -07:00
dca
devfreq
dio
dma dmaengine updates for 4.14-rc1 2017-09-07 14:03:05 -07:00
dma-buf
edac
eisa
extcon
firewire
firmware dmi: Mark all struct dmi_system_id instances const 2017-09-14 11:59:30 +02:00
fmc
fpga fpga: altera-cvp: remove DRIVER_ATTR() usage 2017-09-19 09:20:33 +02:00
fsi drivers/fsi/scom: Remove reset before every putscom 2017-08-28 17:15:16 +02:00
gpio - New Drivers 2017-09-07 13:51:13 -07:00
gpu Merge tag 'drm-misc-fixes-2017-10-05' of git://anongit.freedesktop.org/git/drm-misc into drm-fixes 2017-10-06 11:09:47 +10:00
hid Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/hid 2017-10-05 10:28:12 -07:00
hsi
hv Drivers: hv: fcopy: restore correct transfer length 2017-09-22 10:29:54 +02:00
hwmon hwmon: (xgene) Fix up error handling path mixup in 'xgene_hwmon_probe()' 2017-10-01 08:46:54 -07:00
hwspinlock
hwtracing intel_th: pci: Add Lewisburg PCH support 2017-09-22 10:28:00 +02:00
i2c Merge branch 'i2c/for-current-4.14' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux 2017-10-07 10:07:51 -07:00
ide ide: fix IRQ assignment for PCI bus order probing 2017-10-03 14:03:31 -05:00
idle Power management updates for v4.14-rc1 2017-09-05 12:19:08 -07:00
iio First round of IIO fixes for the 4.14 cycle 2017-09-25 10:58:22 +02:00
infiniband i40iw: Fix port number for query QP 2017-10-04 15:28:49 -04:00
input Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input 2017-09-22 17:23:41 -10:00
iommu iommu/amd: pr_err() strings should end with newlines 2017-09-27 17:01:35 +02:00
ipack
irqchip irqchip/mips-gic: Use effective affinity to unmask 2017-09-25 21:23:44 +02:00
isdn isdn/i4l: fetch the ppp_write buffer in one shot 2017-09-20 16:01:36 -07:00
leds as3645a: Unregister indicator LED on device unbind 2017-09-23 21:17:43 +02:00
lightnvm
macintosh powerpc/macintosh: constify wf_sensor_ops structures 2017-09-01 16:42:54 +10:00
mailbox Just behavorial changes to a controller driver: 2017-09-07 13:23:37 -07:00
mcb Char/Misc drivers for 4.14-rc1 2017-09-05 11:08:17 -07:00
md Merge branch 'for-linus' of git://git.kernel.dk/linux-block 2017-10-06 12:13:50 -07:00
media Update James Hogan's email address 2017-10-04 17:11:53 -07:00
memory ARM: SoC driver updates for v4.14 2017-09-10 20:40:00 -07:00
memstick
message scsi: scsi_transport_sas: switch to bsg-lib for SMP passthrough 2017-08-29 21:51:45 -04:00
mfd dmi: Mark all struct dmi_system_id instances const 2017-09-14 11:59:30 +02:00
misc cxl: Fix memory page not handled 2017-09-29 14:19:44 +10:00
mmc mmc: sdhci-xenon: Fix clock resource by adding an optional bus clock 2017-10-04 10:50:36 +02:00
mtd mtd: nand: atmel: fix buffer overflow in atmel_pmecc_user 2017-09-27 17:33:28 +02:00
mux mux: make device_type const 2017-08-29 13:46:35 +02:00
net net: stmmac: dwmac-rk: Add RK3128 GMAC support 2017-10-03 15:39:56 -07:00
nfc
ntb
nubus
nvdimm libnvdimm, namespace: fix btt claim class crash 2017-09-18 17:29:01 -07:00
nvme nvme-pci: Use PCI bus address for data/queues in CMB 2017-10-04 11:42:53 +02:00
nvmem nvmem: add missing of_node_put() in of_nvmem_cell_get() 2017-09-18 16:12:26 +02:00
of dma-mapping updates for 4.14: 2017-09-12 13:30:06 -07:00
oprofile
parisc
parport Char/Misc drivers for 4.14-rc1 2017-09-05 11:08:17 -07:00
pci PCI: Fix race condition with driver_override 2017-09-25 18:34:54 -05:00
pcmcia MIPS: Alchemy: Threaded carddetect irqs for devboards 2017-08-29 15:21:53 +02:00
perf drivers/perf: arm_pmu_acpi: Release memory obtained by kasprintf 2017-09-22 15:11:46 +01:00
phy Merge branch '4.14-features' of git://git.linux-mips.org/pub/scm/ralf/upstream-linus 2017-09-15 20:43:33 -07:00
pinctrl pinctrl/amd: save pin registers over suspend/resume 2017-09-12 15:58:45 +02:00
platform platform/x86: fujitsu-laptop: Don't oops when FUJ02E3 is not presnt 2017-09-27 00:04:43 -07:00
pnp dmi: Mark all struct dmi_system_id instances const 2017-09-14 11:59:30 +02:00
power power supply and reset changes for the v4.14 series 2017-09-09 14:44:39 -07:00
powercap
pps drivers/pps: use surrounding "if PPS" to remove numerous dependency checks 2017-09-08 18:26:51 -07:00
ps3
ptp
pwm pwm: Changes for v4.14-rc1 2017-09-11 13:04:32 -07:00
rapidio rapidio: remove global irq spinlocks from the subsystem 2017-10-03 17:54:24 -07:00
ras
regulator - New Drivers 2017-09-07 13:51:13 -07:00
remoteproc rpmsg updates for v4.14 2017-09-09 14:34:38 -07:00
reset reset: Restrict RESET_HSDK to ARC_SOC_HSDK or COMPILE_TEST 2017-09-21 12:44:01 +02:00
rpmsg rpmsg: glink: initialize ret to zero to ensure error status check is correct 2017-09-04 10:52:30 -07:00
rtc RTC for 4.14 2017-09-13 10:56:00 -07:00
s390 s390/cio: recover from bad paths 2017-09-19 08:36:19 +02:00
sbus
scsi SCSI fixes on 20171007 2017-10-07 12:34:16 -07:00
sfi
sh
sn
soc Merge branch '4.14-features' of git://git.linux-mips.org/pub/scm/ralf/upstream-linus 2017-09-15 20:43:33 -07:00
spi ACPI updates for v4.14-rc1 2017-09-05 12:45:03 -07:00
spmi
ssb
staging First round of IIO fixes for the 4.14 cycle 2017-09-25 10:58:22 +02:00
target Merge branch 'work.set_fs' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2017-09-14 18:13:32 -07:00
tc
tee
thermal Merge branches 'thermal-core', 'thermal-soc', 'thermal-intel' and 'const-thermal-zone-structure' into next 2017-09-08 11:20:04 +08:00
thunderbolt ACPI updates for v4.14-rc1 2017-09-05 12:45:03 -07:00
tty serial: sccnxp: Fix error handling in sccnxp_probe() 2017-09-18 18:19:21 +02:00
uio
usb usb: gadget: composite: Fix use-after-free in usb_composite_overwrite_options 2017-10-11 13:14:30 +03:00
uwb uwb: properly check kthread_run return value 2017-09-18 11:28:23 +02:00
vfio vfio: platform: constify amba_id 2017-08-30 14:03:42 -06:00
vhost lib/interval_tree: fast overlap detection 2017-09-08 18:26:49 -07:00
video fbdev changes for v4.14: 2017-09-14 13:33:33 -07:00
virt virt: Convert to using %pOF instead of full_name 2017-08-29 08:52:51 -05:00
virtio SCSI misc on 20170907 2017-09-07 21:11:05 -07:00
vlynq
vme
w1 power supply and reset changes for the v4.14 series 2017-09-09 14:44:39 -07:00
watchdog Merge branch '4.14-features' of git://git.linux-mips.org/pub/scm/ralf/upstream-linus 2017-09-15 20:43:33 -07:00
xen xen: fixes for 4.14-rc3 2017-09-29 12:24:28 -07:00
zorro
Kconfig
Makefile