From: Jiri Slaby <jslaby@suse.cz>
To: stable@vger.kernel.org
Cc: linux-kernel@vger.kernel.org, Johan Hovold <johan@kernel.org>,
Jiri Slaby <jslaby@suse.cz>
Subject: [PATCH 3.12 019/127] USB: serial: fix potential NULL-dereference at probe
Date: Fri, 25 Nov 2016 09:28:52 +0100 [thread overview]
Message-ID: <a255175b8407c4fe5cc08fb6923eea441a40c30f.1480062521.git.jslaby@suse.cz> (raw)
In-Reply-To: <f668f2eee98250a2073a4beafdb7f6d1e21c528e.1480062521.git.jslaby@suse.cz>
In-Reply-To: <cover.1480062521.git.jslaby@suse.cz>
From: Johan Hovold <johan@kernel.org>
3.12-stable review patch. If anyone has any objections, please let me know.
===============
commit 126d26f66d9890a69158812a6caa248c05359daa upstream.
Make sure we have at least one port before attempting to register a
console.
Currently, at least one driver binds to a "dummy" interface and requests
zero ports for it. Should such an interface also lack endpoints, we get
a NULL-deref during probe.
Fixes: e5b1e2062e05 ("USB: serial: make minor allocation dynamic")
Signed-off-by: Johan Hovold <johan@kernel.org>
Signed-off-by: Jiri Slaby <jslaby@suse.cz>
---
drivers/usb/serial/usb-serial.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/drivers/usb/serial/usb-serial.c b/drivers/usb/serial/usb-serial.c
index 137908af7c4c..4427705575c5 100644
--- a/drivers/usb/serial/usb-serial.c
+++ b/drivers/usb/serial/usb-serial.c
@@ -1061,7 +1061,8 @@ static int usb_serial_probe(struct usb_interface *interface,
serial->disconnected = 0;
- usb_serial_console_init(serial->port[0]->minor);
+ if (num_ports > 0)
+ usb_serial_console_init(serial->port[0]->minor);
exit:
module_put(type->driver.owner);
return 0;
--
2.10.2
next prev parent reply other threads:[~2016-11-25 9:08 UTC|newest]
Thread overview: 136+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-11-25 8:30 [PATCH 3.12 000/127] 3.12.68-stable review Jiri Slaby
2016-11-25 8:28 ` [PATCH 3.12 001/127] Revert "KVM: MIPS: Drop other CPU ASIDs on guest MMU changes" Jiri Slaby
2016-11-25 8:28 ` [PATCH 3.12 002/127] KVM: MIPS: Drop other CPU ASIDs on guest MMU changes Jiri Slaby
2016-11-25 8:28 ` [PATCH 3.12 003/127] MIPS: KVM: Fix unused variable build warning Jiri Slaby
2016-11-25 8:28 ` [PATCH 3.12 004/127] KVM: MIPS: Precalculate MMIO load resume PC Jiri Slaby
2016-11-25 8:28 ` [PATCH 3.12 005/127] HID: input: add mic mute key on HP slim keyboard Jiri Slaby
2016-11-25 8:28 ` [PATCH 3.12 006/127] HID: microsoft: Add Surface 4 type cover pro 4 (JP) Jiri Slaby
2016-11-25 8:28 ` [PATCH 3.12 007/127] tty: Prevent ldisc drivers from re-using stale tty fields Jiri Slaby
2016-11-25 8:28 ` [PATCH 3.12 008/127] UBIFS: Fix possible memory leak in ubifs_readdir() Jiri Slaby
2016-11-25 8:28 ` [PATCH 3.12 009/127] HID: usbhid: Add HID_QUIRK_NOGET for Aten DVI KVM switch Jiri Slaby
2016-11-25 8:28 ` [PATCH 3.12 010/127] libxfs: clean up _calc_dquots_per_chunk Jiri Slaby
2016-11-25 8:28 ` [PATCH 3.12 011/127] KEYS: Fix short sprintf buffer in /proc/keys show function Jiri Slaby
2016-11-25 8:28 ` [PATCH 3.12 012/127] ALSA: usb-audio: Add quirk for Syntek STK1160 Jiri Slaby
2016-11-25 8:28 ` [PATCH 3.12 013/127] ALSA: hda - Merge RIRB_PRE_DELAY into CTX_WORKAROUND caps Jiri Slaby
2016-11-25 8:28 ` [PATCH 3.12 014/127] ANDROID: binder: Add strong ref checks Jiri Slaby
2016-11-25 8:28 ` [PATCH 3.12 015/127] ANDROID: binder: Clear binder and cookie when setting handle in flat binder struct Jiri Slaby
2016-11-25 8:28 ` [PATCH 3.12 016/127] ubifs: Abort readdir upon error Jiri Slaby
2016-11-25 8:28 ` [PATCH 3.12 017/127] ubifs: Fix regression in ubifs_readdir() Jiri Slaby
2016-11-25 8:28 ` [PATCH 3.12 018/127] usb: gadget: function: u_ether: don't starve tx request queue Jiri Slaby
2016-11-25 8:28 ` Jiri Slaby [this message]
2016-11-25 8:28 ` [PATCH 3.12 020/127] USB: serial: ftdi_sio: add support for Infineon TriBoard TC2X7 Jiri Slaby
2016-11-25 8:28 ` [PATCH 3.12 021/127] Fix potential infoleak in older kernels Jiri Slaby
2016-11-25 8:28 ` [PATCH 3.12 022/127] vt: clear selection before resizing Jiri Slaby
2016-11-25 8:28 ` [PATCH 3.12 023/127] hv: do not lose pending heartbeat vmbus packets Jiri Slaby
2016-11-25 8:28 ` [PATCH 3.12 024/127] xhci: add restart quirk for Intel Wildcatpoint PCH Jiri Slaby
2016-11-25 8:28 ` [PATCH 3.12 025/127] tty: limit terminal size to 4M chars Jiri Slaby
2016-11-25 8:28 ` [PATCH 3.12 026/127] USB: serial: cp210x: fix tiocmget error handling Jiri Slaby
2016-11-25 8:29 ` [PATCH 3.12 027/127] KVM: x86: fix wbinvd_dirty_mask use-after-free Jiri Slaby
2016-11-25 8:29 ` [PATCH 3.12 028/127] KVM: MIPS: Make ERET handle ERL before EXL Jiri Slaby
2016-11-25 8:29 ` [PATCH 3.12 029/127] parisc: Ensure consistent state when switching to kernel stack at syscall entry Jiri Slaby
2016-11-25 8:29 ` [PATCH 3.12 030/127] virtio: console: Unlock vqs while freeing buffers Jiri Slaby
2016-11-25 8:29 ` [PATCH 3.12 031/127] Input: i8042 - add XMG C504 to keyboard reset table Jiri Slaby
2016-11-25 8:29 ` [PATCH 3.12 032/127] firewire: net: guard against rx buffer overflows Jiri Slaby
2016-11-25 8:29 ` [PATCH 3.12 033/127] firewire: net: fix fragmented datagram_size off-by-one Jiri Slaby
2016-11-25 8:29 ` [PATCH 3.12 034/127] mac80211: discard multicast and 4-addr A-MSDUs Jiri Slaby
2016-11-25 8:29 ` [PATCH 3.12 035/127] scsi: megaraid_sas: Fix data integrity failure for JBOD (passthrough) devices Jiri Slaby
2016-11-25 8:29 ` [PATCH 3.12 036/127] scsi: scsi_debug: Fix memory leak if LBP enabled and module is unloaded Jiri Slaby
2016-11-25 8:29 ` [PATCH 3.12 037/127] scsi: arcmsr: Send SYNCHRONIZE_CACHE command to firmware Jiri Slaby
2016-11-25 8:29 ` [PATCH 3.12 038/127] drm/radeon/si_dpm: Limit clocks on HD86xx part Jiri Slaby
2016-11-25 8:29 ` [PATCH 3.12 039/127] drm/radeon/si_dpm: workaround for SI kickers Jiri Slaby
2016-11-25 8:29 ` [PATCH 3.12 040/127] drm/radeon: drop register readback in cayman_cp_int_cntl_setup Jiri Slaby
2016-11-25 8:29 ` [PATCH 3.12 041/127] x86/xen: fix upper bound of pmd loop in xen_cleanhighmap() Jiri Slaby
2016-11-25 8:29 ` [PATCH 3.12 042/127] ARM: 8584/1: floppy: avoid gcc-6 warning Jiri Slaby
2016-11-25 8:29 ` [PATCH 3.12 043/127] drm/exynos: fix error handling in exynos_drm_subdrv_open Jiri Slaby
2016-11-25 8:29 ` [PATCH 3.12 044/127] smc91x: avoid self-comparison warning Jiri Slaby
2016-11-25 8:29 ` [PATCH 3.12 045/127] UBI: fastmap: scrub PEB when bitflips are detected in a free PEB EC header Jiri Slaby
2016-11-25 8:29 ` [PATCH 3.12 046/127] pwm: Unexport children before chip removal Jiri Slaby
2016-11-25 8:29 ` [PATCH 3.12 047/127] tty: vt, fix bogus division in csi_J Jiri Slaby
2016-11-25 8:29 ` [PATCH 3.12 048/127] HID: usbhid: add ATEN CS962 to list of quirky devices Jiri Slaby
2016-11-25 8:29 ` [PATCH 3.12 049/127] mm: hugetlb: allow hugepages_supported to be architecture specific Jiri Slaby
2016-11-25 8:29 ` [PATCH 3.12 050/127] x86/mm/xen: Suppress hugetlbfs in PV guests Jiri Slaby
2016-11-25 8:29 ` Jiri Slaby
2016-11-25 8:29 ` [PATCH 3.12 051/127] scsi: megaraid_sas: fix macro MEGASAS_IS_LOGICAL to avoid regression Jiri Slaby
2016-11-25 8:29 ` [PATCH 3.12 052/127] ASoC: cs4270: fix DAPM stream name mismatch Jiri Slaby
2016-11-25 8:29 ` [PATCH 3.12 053/127] dib0700: fix nec repeat handling Jiri Slaby
2016-11-25 8:29 ` [PATCH 3.12 054/127] swapfile: fix memory corruption via malformed swapfile Jiri Slaby
2016-11-25 8:29 ` [PATCH 3.12 055/127] coredump: fix unfreezable coredumping task Jiri Slaby
2016-11-25 8:29 ` [PATCH 3.12 056/127] s390/hypfs: Use get_free_page() instead of kmalloc to ensure page alignment Jiri Slaby
2016-11-25 8:29 ` [PATCH 3.12 057/127] staging: iio: ad5933: avoid uninitialized variable in error case Jiri Slaby
2016-11-25 8:29 ` [PATCH 3.12 058/127] drivers: staging: nvec: remove bogus reset command for PS/2 interface Jiri Slaby
2016-11-25 8:29 ` [PATCH 3.12 059/127] Revert "staging: nvec: ps2: change serio type to passthrough" Jiri Slaby
2016-11-25 8:29 ` [PATCH 3.12 060/127] usb: gadget: u_ether: remove interrupt throttling Jiri Slaby
2016-11-25 8:29 ` [PATCH 3.12 061/127] drbd: Fix kernel_sendmsg() usage - potential NULL deref Jiri Slaby
2016-11-25 8:29 ` [PATCH 3.12 062/127] iommu/amd: Free domain id when free a domain of struct dma_ops_domain Jiri Slaby
2016-11-25 8:29 ` [PATCH 3.12 063/127] mei: bus: fix received data size check in NFC fixup Jiri Slaby
2016-11-25 8:29 ` [PATCH 3.12 064/127] lib/genalloc.c: start search from start of chunk Jiri Slaby
2016-11-25 8:29 ` [PATCH 3.12 065/127] ACPI / APEI: Fix incorrect return value of ghes_proc() Jiri Slaby
2016-11-25 8:29 ` [PATCH 3.12 066/127] mmc: mxs: Initialize the spinlock prior to using it Jiri Slaby
2016-11-25 8:29 ` [PATCH 3.12 067/127] netfilter: fix namespace handling in nf_log_proc_dostring Jiri Slaby
2016-11-25 8:29 ` [PATCH 3.12 068/127] KVM: x86: fix missed SRCU usage in kvm_lapic_set_vapic_addr Jiri Slaby
2016-11-25 8:29 ` [PATCH 3.12 069/127] KVM: Disable irq while unregistering user notifier Jiri Slaby
2016-11-25 8:29 ` [PATCH 3.12 070/127] can: bcm: fix warning in bcm_connect/proc_register Jiri Slaby
2016-11-25 8:29 ` [PATCH 3.12 071/127] kbuild: add -fno-PIE Jiri Slaby
2016-11-25 8:29 ` [PATCH 3.12 072/127] scripts/has-stack-protector: " Jiri Slaby
2016-11-25 8:29 ` [PATCH 3.12 073/127] kbuild: Steal gcc's pie from the very beginning Jiri Slaby
2016-11-25 8:29 ` [PATCH 3.12 074/127] ext4: sanity check the block and cluster size at mount time Jiri Slaby
2016-11-25 8:29 ` [PATCH 3.12 075/127] mfd: core: Fix device reference leak in mfd_clone_cell Jiri Slaby
2016-11-25 8:29 ` [PATCH 3.12 076/127] uwb: fix device reference leaks Jiri Slaby
2016-11-25 8:29 ` [PATCH 3.12 077/127] PM / sleep: fix device reference leak in test_suspend Jiri Slaby
2016-11-25 8:29 ` [PATCH 3.12 078/127] IB/mlx4: Fix create CQ error flow Jiri Slaby
2016-11-25 8:29 ` [PATCH 3.12 079/127] IB/mlx5: Use cache line size to select CQE stride Jiri Slaby
2016-11-25 8:29 ` [PATCH 3.12 080/127] IB/mlx5: Fix fatal error dispatching Jiri Slaby
2016-11-25 8:29 ` [PATCH 3.12 081/127] IB/uverbs: Fix leak of XRC target QPs Jiri Slaby
2016-11-25 8:29 ` [PATCH 3.12 082/127] IB/cm: Mark stale CM id's whenever the mad agent was unregistered Jiri Slaby
2016-11-25 8:29 ` [PATCH 3.12 083/127] net: fix sk_mem_reclaim_partial() Jiri Slaby
2016-11-25 8:29 ` [PATCH 3.12 084/127] tcp: fix overflow in __tcp_retransmit_skb() Jiri Slaby
2016-11-25 8:29 ` [PATCH 3.12 085/127] net: avoid sk_forward_alloc overflows Jiri Slaby
2016-11-25 8:29 ` [PATCH 3.12 086/127] tcp: fix wrong checksum calculation on MTU probing Jiri Slaby
2016-11-25 8:30 ` [PATCH 3.12 087/127] ip6_gre: fix flowi6_proto value in ip6gre_xmit_other() Jiri Slaby
2016-11-25 8:30 ` [PATCH 3.12 088/127] ipmr, ip6mr: fix scheduling while atomic and a deadlock with ipmr_get_route Jiri Slaby
2016-11-25 8:30 ` [PATCH 3.12 089/127] net: Add netdev all_adj_list refcnt propagation to fix panic Jiri Slaby
2016-11-25 8:30 ` [PATCH 3.12 090/127] packet: call fanout_release, while UNREGISTERING a netdev Jiri Slaby
2016-11-25 8:30 ` [PATCH 3.12 091/127] ipv6: correctly add local routes when lo goes up Jiri Slaby
2016-11-25 8:30 ` [PATCH 3.12 092/127] bridge: multicast: restore perm router ports on multicast enable Jiri Slaby
2016-11-25 8:30 ` [PATCH 3.12 093/127] net: sctp, forbid negative length Jiri Slaby
2016-11-25 8:30 ` Jiri Slaby
2016-11-25 8:30 ` [PATCH 3.12 094/127] sctp: validate chunk len before actually using it Jiri Slaby
2016-11-25 8:30 ` [PATCH 3.12 095/127] drivers/vfio: Rework offsetofend() Jiri Slaby
2016-11-25 8:30 ` [PATCH 3.12 096/127] include/stddef.h: Move offsetofend() from vfio.h to a generic kernel header Jiri Slaby
2016-11-25 8:30 ` [PATCH 3.12 097/127] stddef.h: move offsetofend inside #ifndef/#endif guard, neaten Jiri Slaby
2016-11-25 8:30 ` [PATCH 3.12 098/127] net: clear sk_err_soft in sk_clone_lock() Jiri Slaby
2016-11-25 8:30 ` [PATCH 3.12 099/127] net: mangle zero checksum in skb_checksum_help() Jiri Slaby
2016-11-25 8:30 ` [PATCH 3.12 100/127] ip6_tunnel: Clear IP6CB in ip6tunnel_xmit() Jiri Slaby
2016-11-25 8:30 ` [PATCH 3.12 101/127] tcp: fix potential memory corruption Jiri Slaby
2016-11-25 8:30 ` [PATCH 3.12 102/127] dccp: do not send reset to already closed sockets Jiri Slaby
2016-11-25 8:30 ` [PATCH 3.12 103/127] dccp: fix out of bound access in dccp_v4_err() Jiri Slaby
2016-11-25 8:30 ` [PATCH 3.12 104/127] ipv6: dccp: fix out of bound access in dccp_v6_err() Jiri Slaby
2016-11-25 8:30 ` [PATCH 3.12 105/127] ipv6: dccp: add missing bind_conflict to dccp_ipv6_mapped Jiri Slaby
2016-11-25 8:30 ` [PATCH 3.12 106/127] sctp: assign assoc_id earlier in __sctp_connect Jiri Slaby
2016-11-25 8:30 ` [PATCH 3.12 107/127] neigh: check error pointer instead of NULL for ipv4_neigh_lookup() Jiri Slaby
2016-11-25 8:30 ` [PATCH 3.12 108/127] ipv4: use new_gw for redirect neigh lookup Jiri Slaby
2016-11-25 8:30 ` [PATCH 3.12 109/127] tcp: take care of truncations done by sk_filter() Jiri Slaby
2016-11-25 8:30 ` [PATCH 3.12 110/127] sparc: Don't leak context bits into thread->fault_address Jiri Slaby
2016-11-25 8:30 ` [PATCH 3.12 111/127] sparc64 mm: Fix base TSB sizing when hugetlb pages are used Jiri Slaby
2016-11-25 8:30 ` [PATCH 3.12 112/127] sparc: Handle negative offsets in arch_jump_label_transform Jiri Slaby
2016-11-25 8:30 ` [PATCH 3.12 113/127] sparc64: Handle extremely large kernel TSB range flushes sanely Jiri Slaby
2016-11-25 8:30 ` [PATCH 3.12 114/127] sparc64: Fix illegal relative branches in hypervisor patched TLB code Jiri Slaby
2016-11-25 8:30 ` [PATCH 3.12 115/127] sparc64: Fix instruction count in comment for __hypervisor_flush_tlb_pending Jiri Slaby
2016-11-25 8:30 ` [PATCH 3.12 116/127] sparc64: Fix illegal relative branches in hypervisor patched TLB cross-call code Jiri Slaby
2016-11-25 8:30 ` [PATCH 3.12 117/127] sparc64: Handle extremely large kernel TLB range flushes more gracefully Jiri Slaby
2016-11-25 8:30 ` [PATCH 3.12 118/127] cgroup: use an ordered workqueue for cgroup destruction Jiri Slaby
2016-11-26 20:55 ` Hugh Dickins
2016-11-28 8:26 ` Jiri Slaby
2016-11-25 8:30 ` [PATCH 3.12 119/127] mm: filemap: update find_get_pages_tag() to deal with shadow entries Jiri Slaby
2016-11-25 8:30 ` [PATCH 3.12 120/127] mm: export symbol dependencies of is_zero_pfn() Jiri Slaby
2016-11-25 8:30 ` [PATCH 3.12 121/127] KVM: check for !is_zero_pfn() in kvm_is_mmio_pfn() Jiri Slaby
2016-11-25 8:30 ` [PATCH 3.12 122/127] drivers/net: Disable UFO through virtio Jiri Slaby
2016-11-30 23:54 ` Ben Hutchings
2016-12-01 9:03 ` Jiri Slaby
2016-11-25 8:30 ` [PATCH 3.12 123/127] usb: musb: musb_cppi41: recognize HS devices in hostmode Jiri Slaby
2016-11-25 8:30 ` [PATCH 3.12 124/127] perf: Tighten (and fix) the grouping condition Jiri Slaby
2016-11-25 8:30 ` [PATCH 3.12 125/127] PCI: Handle read-only BARs on AMD CS553x devices Jiri Slaby
2016-11-25 8:30 ` [PATCH 3.12 126/127] xen-pciback: Add name prefix to global 'permissive' variable Jiri Slaby
2016-11-25 8:30 ` [PATCH 3.12 127/127] ALSA: usb-audio: Fix runtime PM unbalance Jiri Slaby
2016-11-25 16:18 ` [PATCH 3.12 000/127] 3.12.68-stable review Guenter Roeck
2016-11-29 14:39 ` Jiri Slaby
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=a255175b8407c4fe5cc08fb6923eea441a40c30f.1480062521.git.jslaby@suse.cz \
--to=jslaby@suse.cz \
--cc=johan@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.