@@ -1141,15 +1141,19 @@ static int usb_linux_update_endp_table(USBHostDevice *s)
length = s->descr_len - 18;
i = 0;
- if (descriptors[i + 1] != USB_DT_CONFIG ||
- descriptors[i + 5] != s->configuration) {
- fprintf(stderr, "invalid descriptor data - configuration %d\n",
- s->configuration);
- return 1;
- }
- i += descriptors[i];
-
while (i < length) {
+ if (descriptors[i + 1] != USB_DT_CONFIG) {
+ fprintf(stderr, "invalid descriptor data\n");
+ return 1;
+ } else if (descriptors[i + 5] != s->configuration) {
+ fprintf(stderr, "not requested configuration %d\n",
+ s->configuration);
+ i += (descriptors[i + 3] << 8) + descriptors[i + 2];
+ continue;
+ }
+
+ i += descriptors[i];
+
if (descriptors[i + 1] != USB_DT_INTERFACE ||
(descriptors[i + 1] == USB_DT_INTERFACE &&
descriptors[i + 4] == 0)) {
When testing ipod on QEMU by He Jie Xu<xuhj@linux.vnet.ibm.com>,qemu made a assertion. We found that the ipod with 2 configurations,and the usb-linux did not parse the descriptor correctly. The descr_len returned is the total length of the all configurations,not one configuration. The older version will through the other configurations instead of skip,continue parsing the descriptor of interfaces/endpoints in other configurations,then went wrong. This patch will put the configuration descriptor parse in loop outside and dispel the other configurations not requested. Signed-off-by: Cao,Bing Bu <mars@linux.vnet.ibm.com> --- usb-linux.c | 20 ++++++++++++-------- 1 files changed, 12 insertions(+), 8 deletions(-)