Message ID | 1323739340-11364-1-git-send-email-mars@linux.vnet.ibm.com |
---|---|
State | New |
Headers | show |
On 12/13/11 02:22, mars@linux.vnet.ibm.com wrote: > When testing ipod on QEMU by He Jie Xu<xuhj@linux.vnet.ibm.com>,qemu made a assertion. > We found that the ipod with 2 configurations,and the usb-linux did not parse the descriptor correctly. > The descr_len returned is the total length of the all configurations,not one configuration. > The older version will through the other configurations instead of skip,continue parsing the descriptor of interfaces/endpoints in other configurations,then went wrong. > > This patch will put the configuration descriptor parse in loop outside and dispel the other configurations not requested. Patch added to usb patch queue. thanks, Gerd
diff --git a/usb-linux.c b/usb-linux.c index ab4c693..ed14bb1 100644 --- a/usb-linux.c +++ b/usb-linux.c @@ -1141,15 +1141,18 @@ static int usb_linux_update_endp_table(USBHostDevice *s) length = s->descr_len - 18; i = 0; - if (descriptors[i + 1] != USB_DT_CONFIG || - descriptors[i + 5] != s->configuration) { - fprintf(stderr, "invalid descriptor data - configuration %d\n", - s->configuration); - return 1; - } - i += descriptors[i]; - while (i < length) { + if (descriptors[i + 1] != USB_DT_CONFIG) { + fprintf(stderr, "invalid descriptor data\n"); + return 1; + } else if (descriptors[i + 5] != s->configuration) { + DPRINTF("not requested configuration %d\n", s->configuration); + i += (descriptors[i + 3] << 8) + descriptors[i + 2]; + continue; + } + + i += descriptors[i]; + if (descriptors[i + 1] != USB_DT_INTERFACE || (descriptors[i + 1] == USB_DT_INTERFACE && descriptors[i + 4] == 0)) {