From: Alan Stern <stern@rowland.harvard.edu>
To: Johan Korsnes <jkorsnes@cisco.com>
Cc: linux-usb@vger.kernel.org,
Armando Visconti <armando.visconti@st.com>,
Jiri Kosina <jkosina@suse.cz>
Subject: Re: [PATCH 2/2] HID: core: increase HID report buffer size to 8KiB
Date: Wed, 15 Jan 2020 10:21:43 -0500 (EST) [thread overview]
Message-ID: <Pine.LNX.4.44L0.2001151017190.1788-100000@iolanthe.rowland.org> (raw)
In-Reply-To: <20200115123344.4650-2-jkorsnes@cisco.com>
On Wed, 15 Jan 2020, Johan Korsnes wrote:
> We have a touch device that reports its opens and shorts test results
> in HID buffers of size 8184 bytes. With this patch we're able to
> successfully obtain these reports.
>
> Alan Stern: Your commit 8ec321e96e05 ("HID: Fix slab-out-of-bounds
> read in hid_field_extract") states:
>
> "This patch fixes the problem by rejecting any report whose total
> length exceeds the HID_MAX_BUFFER_SIZE limit (minus one byte to allow
> for a possible report index). In theory a device could have a report
> longer than that, but if there was such a thing we wouldn't handle it
> correctly anyway."
>
> Is this something we have to worry about when increasing the buffer
> size? Or are you referring to the fact that we previously truncated
> the reports if they exceeded max buffer size?
The latter. And after this patch we will still truncate reports that
exceed the max buffer size, no "previously" about it.
(Incidentally, these last three paragraphs don't belong in the patch
description; nobody will care about them once the patch has been
merged. You should have put them below the "---" separator line.)
Alan Stern
next prev parent reply other threads:[~2020-01-15 15:21 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-01-15 12:33 [PATCH 1/2] HID: core: fix off-by-one memset in hid_report_raw_event() Johan Korsnes
2020-01-15 12:33 ` [PATCH 2/2] HID: core: increase HID report buffer size to 8KiB Johan Korsnes
2020-01-15 15:21 ` Alan Stern [this message]
2020-01-15 15:50 ` Johan Korsnes (jkorsnes)
2020-01-17 10:15 ` Jiri Kosina
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Pine.LNX.4.44L0.2001151017190.1788-100000@iolanthe.rowland.org \
--to=stern@rowland.harvard.edu \
--cc=armando.visconti@st.com \
--cc=jkorsnes@cisco.com \
--cc=jkosina@suse.cz \
--cc=linux-usb@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).