USB: wusb: correctly check size of security descriptor.

Reported-by: Roel Kluin <roel.kluin@gmail.com> Signed-off-by: David Vrabel <david.vrabel@csr.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
author: David Vrabel <david.vrabel@csr.com> 2009-12-07 08:50:41 -0500
committer: Greg Kroah-Hartman <gregkh@suse.de> 2009-12-11 14:55:26 -0500
commit: 9279095a9ec191f446372c764413d586c3656214 (patch)
tree: c4d2768e6d92419213da60f6b562196a1c82fd94 /drivers/usb/wusbcore/security.c
parent: 2e9729d0f86094e52d14e8b9e17c0aad565ee477 (diff)
1 files changed, 3 insertions, 3 deletions
diff --git a/drivers/usb/wusbcore/security.c b/drivers/usb/wusbcore/security.c
index 4516c36436e6..edcd2d756037 100644
--- a/drivers/usb/wusbcore/security.c
+++ b/drivers/usb/wusbcore/security.c
@@ -205,15 +205,15 @@ int wusb_dev_sec_add(struct wusbhc *wusbhc,
        const void *itr, *top;
        char buf[64];
-        secd = kmalloc(sizeof(struct usb_security_descriptor), GFP_KERNEL);
+        secd = kmalloc(sizeof(*secd), GFP_KERNEL);
        if (secd == NULL) {
                result = -ENOMEM;
                goto out;
        }
        result = usb_get_descriptor(usb_dev, USB_DT_SECURITY,
-                                    0, secd, sizeof(struct usb_security_descriptor));
+                                    0, secd, sizeof(*secd));
-        if (result < sizeof(secd)) {
+        if (result < sizeof(*secd)) {
                dev_err(dev, "Can't read security descriptor or "
                        "not enough data: %d\n", result);
                goto out;
author	David Vrabel <david.vrabel@csr.com>	2009-12-07 08:50:41 -0500
committer	Greg Kroah-Hartman <gregkh@suse.de>	2009-12-11 14:55:26 -0500
commit	9279095a9ec191f446372c764413d586c3656214 (patch)
tree	c4d2768e6d92419213da60f6b562196a1c82fd94 /drivers/usb/wusbcore/security.c
parent	2e9729d0f86094e52d14e8b9e17c0aad565ee477 (diff)

diff --git a/drivers/usb/wusbcore/security.c b/drivers/usb/wusbcore/security.c index 4516c36436e6..edcd2d756037 100644 --- a/drivers/usb/wusbcore/security.c +++ b/drivers/usb/wusbcore/security.c
@@ -205,15 +205,15 @@ int wusb_dev_sec_add(struct wusbhc *wusbhc,
205	const void itr, top;	205	const void itr, top;
206	char buf[64];	206	char buf[64];
207		207
208	secd = kmalloc(sizeof(struct usb_security_descriptor), GFP_KERNEL);	208	secd = kmalloc(sizeof(*secd), GFP_KERNEL);
209	if (secd == NULL) {	209	if (secd == NULL) {
210	result = -ENOMEM;	210	result = -ENOMEM;
211	goto out;	211	goto out;
212	}	212	}
213		213
214	result = usb_get_descriptor(usb_dev, USB_DT_SECURITY,	214	result = usb_get_descriptor(usb_dev, USB_DT_SECURITY,
215	0, secd, sizeof(struct usb_security_descriptor));	215	0, secd, sizeof(*secd));
216	if (result < sizeof(secd)) {	216	if (result < sizeof(*secd)) {
217	dev_err(dev, "Can't read security descriptor or "	217	dev_err(dev, "Can't read security descriptor or "
218	"not enough data: %d\n", result);	218	"not enough data: %d\n", result);
219	goto out;	219	goto out;