[U-Boot] [PATCH v1] dm: usb: Prevent NULL hub in usb_device_info()
Simon Glass
sjg at chromium.org
Thu Jun 30 01:05:05 CEST 2016
Hi Bernhard,
On 29 June 2016 at 01:43, Bernhard Nortmann <bernhard.nortmann at web.de> wrote:
> This patch modifies the usb_device_info() function to enumerate
> active USB hubs by iterating UCLASS_USB_HUB directly.
>
> The previous code used UCLASS_USB nodes instead and retrieved
> their first child node, expecting it to be a hub. However, it
> did not protect against retrieving (and dereferencing) a NULL
> pointer this way.
>
> Depending on the available USB hardware, this might happen easily.
> For example the USB controller on sun7i-a20 has top-level OHCI
> nodes that won't have any children as long as no USB1-only
> peripheral is attached. ("usb tree" will only show EHCI nodes.)
>
> The failure can also be demonstrated with U-Boot's sandbox
> architecture, by simply enabling the inactive "usb_2" node in
> test.dts. This creates a similar situation, where the existing
> usb_device_info() implementation would crash (segfault) when
> issuing a "usb info" command.
>
> Signed-off-by: Bernhard Nortmann <bernhard.nortmann at web.de>
>
> ---
>
> cmd/usb.c | 15 +++++----------
> 1 file changed, 5 insertions(+), 10 deletions(-)
Reviewed-by: Simon Glass <sjg at chromium.org>
My only concern is whether this changes the ordering (since the
devices' devnum is printed out). But the existing ordering may not be
any better anyway, and if we had a problem we could sort it before
outputting the info, so it seems OK to me.
Thanks for fixing the bug.
- Simon
More information about the U-Boot
mailing list