[ Upstream commit ffe3b7837a2bb421df84d0177481db9f52c93a71 ]
There is a slab-out-of-bounds Write bug in hid-holtek-kbd driver.
The problem is the driver assumes the device must have an input
but some malicious devices violate this assumption.
Fix this by checking hid_device's input is non-empty before its usage.
Signed-off-by: Ma Ke <make_ruc2021@163.com>
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
Signed-off-by: Sasha Levin <sashal@kernel.org>
commit 01ec0a5f19c8c82960a07f6c7410fc9e01d7fb51 upstream.
The ioctl handler uses the intfdata of a second interface,
which may not be present in a broken or malicious device, hence
the intfdata needs to be checked for NULL.
[jkosina@suse.cz: fix newly added spurious space]
Reported-by: syzbot+965152643a75a56737be@syzkaller.appspotmail.com
Signed-off-by: Oliver Neukum <oneukum@suse.com>
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Use the new module_hid_driver macro in all HID drivers that have
a simple register/unregister init/exit.
This also converts the hid drivers that test for a failure of
hid_register_driver() and report the failure. Using module_hid_driver
in those drivers removes the failure message.
Signed-off-by: H Hartley Sweeten <hsweeten@visionengravers.com>
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
Corrects two HID descriptor issues, which prevent some Holtek based
(USB ID 04d9:a055) keyboards from working. The error when not using
the driver is: generic-usb: probe ... failed with error -22 .
Signed-off-by: Tom Harwood <tomharwood@fastmail.fm>
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
