TWxSoftware/twx-linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
v6.6.90
twx-linux/drivers/hid
History
Tomasz Pakuła be706a48bb HID: pidff: Fix null pointer dereference in pidff_find_fields 
[ Upstream commit 22a05462c3d0eee15154faf8d13c49e6295270a5 ]

This function triggered a null pointer dereference if used to search for
a report that isn't implemented on the device. This happened both for
optional and required reports alike.

The same logic was applied to pidff_find_special_field and although
pidff_init_fields should return an error earlier if one of the required
reports is missing, future modifications could change this logic and
resurface this possible null pointer dereference again.

LKML bug report:
https://lore.kernel.org/all/CAL-gK7f5=R0nrrQdPtaZZr1fd-cdAMbDMuZ_NLA8vM0SX+nGSw@mail.gmail.com

Reported-by: Nolan Nicholson <nolananicholson@gmail.com>
Signed-off-by: Tomasz Pakuła <tomasz.pakula.oficjalny@gmail.com>
Reviewed-by: Michał Kopeć <michal@nozomi.space>
Reviewed-by: Paul Dino Jones <paul@spacefreak18.xyz>
Tested-by: Paul Dino Jones <paul@spacefreak18.xyz>
Tested-by: Cristóferson Bueno <cbueno81@gmail.com>
Tested-by: Pablo Cisneros <patchkez@protonmail.com>
Signed-off-by: Jiri Kosina <jkosina@suse.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2025-04-25 10:45:12 +02:00
..
amd-sfh-hid HID: amd_sfh: Switch to device-managed dmam_alloc_coherent() 2024-10-17 15:24:33 +02:00
bpf HID: bpf: actually free hdev memory after attaching a HID-BPF program 2024-02-23 09:24:55 +01:00
i2c-hid HID: i2c-hid: improve i2c_hid_get_report error message 2025-04-10 14:37:37 +02:00
intel-ish-hid HID: intel-ish-hid: Send clock sync message immediately after reset 2025-03-22 12:50:41 -07:00
surface-hid for-linus-2023022201 2023-02-22 11:24:42 -08:00
usbhid HID: pidff: Fix null pointer dereference in pidff_find_fields 2025-04-25 10:45:12 +02:00
.kunitconfig HID: input: map battery system charging 2022-12-20 15:30:35 +01:00
hid-a4tech.c
hid-accutouch.c
hid-alps.c HID: hid-alps: use default remove for hid device 2022-11-21 22:17:10 +01:00
hid-apple.c HID: apple: disable Fn key handling on the Omoton KB066 2025-03-22 12:50:50 -07:00
hid-appleir.c HID: appleir: Fix potential NULL dereference at raw event handle 2025-03-13 12:58:23 +01:00
hid-asus.c hid-asus: add ROG Ally X prod ID to quirk list 2024-10-17 15:24:32 +02:00
hid-aureal.c
hid-axff.c
hid-belkin.c
hid-betopff.c HID: betop: check shape of output reports 2023-01-18 16:34:35 +01:00
hid-bigbenff.c hid: bigben_probe(): validate report count 2023-02-16 12:00:26 +01:00
hid-cherry.c
hid-chicony.c
hid-cmedia.c
hid-core.c HID: core: Fix assumption that Resolution Multipliers must be in Logical Collections 2025-02-08 09:51:45 +01:00
hid-corsair.c
hid-cougar.c HID: cougar: fix slab-out-of-bounds Read in cougar_report_fixup 2024-09-12 11:11:39 +02:00
hid-cp2112.c hid: cp2112: Fix IRQ shutdown stopping polling for all IRQs on chip 2023-11-20 11:59:22 +01:00
hid-creative-sb0540.c
hid-cypress.c
hid-debug.c input: Add support for "Do Not Disturb" 2024-07-25 09:50:44 +02:00
hid-dr.c
hid-elan.c HID: hid-elan: use default remove for hid device 2022-11-21 22:17:10 +01:00
hid-elecom.c HID: elecom: add support for TrackBall 056E:011C 2023-01-20 18:44:10 +01:00
hid-elo.c
hid-emsff.c
hid-evision.c HID: evision: Add preliminary support for EVision keyboards 2023-02-06 18:17:56 +01:00
hid-ezkey.c
hid-ft260.c HID: ft260: fix 'cast to restricted' kernel CI bot warnings 2022-11-11 11:09:36 +01:00
hid-gaff.c
hid-gembird.c
hid-generic.c HID: add per device quirk to force bind to hid-generic 2024-12-14 20:00:00 +01:00
hid-gfrm.c
hid-glorious.c HID: glorious: fix Glorious Model I HID report 2023-12-20 17:01:58 +01:00
hid-google-hammer.c HID: google: fix unused variable warning under !CONFIG_ACPI 2025-03-13 12:58:28 +01:00
hid-google-stadiaff.c HID: hid-google-stadiaff: add support for Stadia force feedback 2023-08-14 11:35:37 +02:00
hid-gt683r.c
hid-gyration.c
hid-holtek-kbd.c HID: holtek: fix slab-out-of-bounds Write in holtek_kbd_input_event 2023-09-18 17:13:01 +02:00
hid-holtek-mouse.c
hid-holtekff.c
hid-hyperv.c HID: hyperv: streamline driver probe to avoid devres issues 2024-12-09 10:31:58 +01:00
hid-icade.c
hid-ids.h HID: Add hid-universal-pidff driver and supported device ids 2025-04-25 10:45:12 +02:00
hid-input-test.c HID: input: map battery system charging 2022-12-20 15:30:35 +01:00
hid-input.c HID: fix generic desktop D-Pad controls 2025-02-08 09:51:56 +01:00
hid-ite.c HID: ite: Enable QUIRK_TOUCHPAD_ON_OFF_REPORT on Acer Aspire Switch V 10 2022-11-14 23:55:12 +01:00
hid-jabra.c
hid-kensington.c
hid-keytouch.c
hid-kye.c HID: kye: Fix rdesc for kye tablets 2023-04-13 16:16:04 +02:00
hid-lcpower.c
hid-led.c HID: hid-led: fix maximum brightness for Dream Cheeky 2022-04-21 10:28:49 +02:00
hid-lenovo.c HID: lenovo: Add support for Thinkpad X1 Tablet Gen 3 keyboard 2024-11-17 15:08:58 +01:00
hid-letsketch.c HID: letsketch: Use hid_is_usb() 2023-01-17 13:44:01 +01:00
hid-lg2ff.c
hid-lg3ff.c
hid-lg4ff.c HID: hid-lg4ff: Add check for empty lbuf 2022-11-14 23:56:52 +01:00
hid-lg4ff.h
hid-lg-g15.c HID: lg-g15: explicitly include linux/leds.h 2023-04-13 17:08:45 +02:00
hid-lg.c
hid-lg.h
hid-lgff.c
hid-logitech-dj.c HID: logitech-dj: Fix memory leak in logi_dj_recv_switch_to_dj_mode() 2024-06-21 14:38:31 +02:00
hid-logitech-hidpp.c HID: logitech-hidpp: add support for Logitech G Pro X Superlight 2 2024-03-01 13:34:50 +01:00
hid-macally.c
hid-magicmouse.c HID: magicmouse: Apple Magic Trackpad 2 USB-C driver support 2024-12-14 20:00:01 +01:00
hid-maltron.c
hid-mcp2200.c HID: mcp2200: added driver for GPIOs of MCP2200 2024-10-17 15:24:31 +02:00
hid-mcp2221.c HID: mcp-2221: cancel delayed_work only when CONFIG_IIO is enabled 2024-06-12 11:11:22 +02:00
hid-megaworld.c HID: Add support for Mega World controller force feedback 2022-05-06 08:29:26 +02:00
hid-mf.c
hid-microsoft.c HID: microsoft: Add rumble support to latest xbox controllers 2023-06-08 16:09:51 +02:00
hid-monterey.c
hid-multitouch.c HID: multitouch: Add NULL check in mt_input_configured 2025-02-21 13:57:06 +01:00
hid-nintendo.c HID: nintendo: Prevent divide-by-zero on code 2024-01-20 11:51:45 +01:00
hid-nti.c
hid-ntrig.c
hid-nvidia-shield.c HID: nvidia-shield: Add missing check for input_ff_create_memless 2024-06-21 14:38:26 +02:00
hid-ortek.c
hid-penmount.c
hid-petalynx.c
hid-picolcd_backlight.c
hid-picolcd_cir.c
hid-picolcd_core.c
hid-picolcd_debugfs.c
hid-picolcd_fb.c hid/picolcd: Remove flag FBINFO_FLAG_DEFAULT from fbdev driver 2023-07-24 16:50:39 +02:00
hid-picolcd_lcd.c
hid-picolcd_leds.c
hid-picolcd.h
hid-pl.c
hid-plantronics.c HID: hid-plantronics: Add mic mute mapping and generalize quirks 2025-04-07 10:06:35 +02:00
hid-playstation.c Merge branch 'for-6.3/sony' into for-linus 2023-02-22 10:40:03 +01:00
hid-primax.c
hid-prodikeys.c
hid-pxrc.c HID: Add driver for PhoenixRC Flight Controller 2022-09-20 11:36:21 +01:00
hid-quirks.c HID: ignore non-functional sensor in HP 5MP Camera 2025-03-22 12:50:41 -07:00
hid-razer.c
hid-redragon.c
hid-retrode.c
hid-rmi.c HID: i2c: let RMI devices decide what constitutes wakeup event 2022-11-21 18:56:20 +01:00
hid-roccat-arvo.c HID: roccat: make all 'class' structures const 2023-08-14 11:23:35 +02:00
hid-roccat-arvo.h
hid-roccat-common.c
hid-roccat-common.h
hid-roccat-isku.c HID: roccat: make all 'class' structures const 2023-08-14 11:23:35 +02:00
hid-roccat-isku.h
hid-roccat-kone.c HID: roccat: make all 'class' structures const 2023-08-14 11:23:35 +02:00
hid-roccat-kone.h
hid-roccat-koneplus.c HID: roccat: make all 'class' structures const 2023-08-14 11:23:35 +02:00
hid-roccat-koneplus.h
hid-roccat-konepure.c HID: roccat: make all 'class' structures const 2023-08-14 11:23:35 +02:00
hid-roccat-kovaplus.c HID: roccat: make all 'class' structures const 2023-08-14 11:23:35 +02:00
hid-roccat-kovaplus.h
hid-roccat-lua.c
hid-roccat-lua.h
hid-roccat-pyra.c HID: roccat: make all 'class' structures const 2023-08-14 11:23:35 +02:00
hid-roccat-pyra.h
hid-roccat-ryos.c HID: roccat: make all 'class' structures const 2023-08-14 11:23:35 +02:00
hid-roccat-savu.c HID: roccat: make all 'class' structures const 2023-08-14 11:23:35 +02:00
hid-roccat-savu.h
hid-roccat.c HID: roccat: make all 'class' structures const 2023-08-14 11:23:35 +02:00
hid-saitek.c HID: saitek: add madcatz variant of MMO7 mouse device ID 2022-10-18 14:42:45 +02:00
hid-samsung.c
hid-semitek.c
hid-sensor-custom.c HID: hid-sensor-custom: Fix buffer overrun in device name 2023-03-24 14:09:29 +01:00
hid-sensor-hub.c HID: hid-sensor-hub: don't use stale platform-data on remove 2025-02-17 09:40:21 +01:00
hid-sigmamicro.c
hid-sjoy.c
hid-sony.c HID: sony: remove duplicate NULL check before calling usb_free_urb() 2023-10-05 12:50:35 +02:00
hid-speedlink.c
hid-steam.c HID: hid-steam: Fix use-after-free when detaching device 2025-03-13 12:58:31 +01:00
hid-steelseries.c HID: steelseries: Fix signedness bug in steelseries_headset_arctis_1_fetch_battery() 2023-09-18 16:44:24 +02:00
hid-sunplus.c
hid-thrustmaster.c HID: hid-thrustmaster: fix stack-out-of-bounds read in usb_check_int_endpoints() 2025-02-21 13:57:06 +01:00
hid-tivo.c
hid-tmff.c
hid-topre.c HID: topre: Fix n-key rollover on Realforce R3S TKL boards 2025-03-22 12:50:41 -07:00
hid-topseed.c
hid-twinhan.c
hid-u2fzero.c hwrng: u2fzero - account for high quality RNG 2022-11-25 17:39:19 +08:00
hid-uclogic-core-test.c HID: uclogic: Fix a work->entry not empty bug in __queue_work() 2023-11-20 11:59:22 +01:00
hid-uclogic-core.c HID: uclogic: Correct devm device reference for hidinput input_dev name 2023-08-24 15:57:57 +02:00
hid-uclogic-params-test.c HID: uclogic: Fix user-memory-access bug in uclogic_params_ugee_v2_init_event_hooks() 2023-11-20 11:59:22 +01:00
hid-uclogic-params.c Merge branch 'for-6.3/uclogic' into for-linus 2023-02-22 10:41:39 +01:00
hid-uclogic-params.h HID: uclogic: Handle wireless device reconnection 2023-01-18 09:44:57 +01:00
hid-uclogic-rdesc-test.c HID: uclogic: Use KUNIT_EXPECT_MEMEQ 2023-01-18 09:47:04 +01:00
hid-uclogic-rdesc.c HID: uclogic: Refactor UGEEv2 probe magic data 2023-01-18 09:44:57 +01:00
hid-uclogic-rdesc.h HID: uclogic: Refactor UGEEv2 probe magic data 2023-01-18 09:44:57 +01:00
hid-udraw-ps3.c
hid-universal-pidff.c HID: pidff: Add PERIODIC_SINE_ONLY quirk 2025-04-25 10:45:12 +02:00
hid-viewsonic.c HID: uclogic: Switch to Digitizer usage for styluses 2022-05-11 14:19:27 +02:00
hid-vivaldi-common.c HID: vivaldi: convert to use dev_groups 2022-08-25 11:37:21 +02:00
hid-vivaldi-common.h HID: vivaldi: convert to use dev_groups 2022-08-25 11:37:21 +02:00
hid-vivaldi.c HID: vivaldi: convert to use dev_groups 2022-08-25 11:37:21 +02:00
hid-vrc2.c HID: Add driver for VRC-2 Car Controller 2022-09-20 11:35:00 +01:00
hid-waltop.c
hid-wiimote-core.c treewide: Convert del_timer*() to timer_shutdown*() 2022-12-25 13:38:09 -08:00
hid-wiimote-debug.c HID: hid-wiimote-debug.c: Drop error checking for debugfs_create_file 2023-08-14 11:14:42 +02:00
hid-wiimote-modules.c HID: wiimote: Add support for the DJ Hero turntable 2022-11-04 09:57:16 +01:00
hid-wiimote.h HID: wiimote: Add support for the DJ Hero turntable 2022-11-04 09:57:16 +01:00
hid-xiaomi.c
hid-xinmo.c
hid-zpff.c
hid-zydacron.c
hidraw.c HID: hidraw: fix a problem of memory leak in hidraw_release() 2024-02-05 20:14:34 +00:00
Kconfig HID: Add hid-universal-pidff driver and supported device ids 2025-04-25 10:45:12 +02:00
Makefile HID: Add hid-universal-pidff driver and supported device ids 2025-04-25 10:45:12 +02:00
uhid.c HID: uhid: Over-ride the default maximum data buffer value with our own 2023-02-23 11:52:05 +01:00
wacom_sys.c HID: wacom: fix when get product name maybe null pointer 2024-12-14 19:59:51 +01:00
wacom_wac.c HID: Wacom: Add PCI Wacom device support 2025-02-17 09:40:07 +01:00
wacom_wac.h HID: wacom: Do not warn about dropped packets for first packet 2024-10-04 16:29:12 +02:00
wacom.h HID: wacom: remove the battery when the EKR is off 2023-08-14 11:43:57 +02:00