header.bLength);
r = LIBUSB_ERROR_IO;
goto err;
+ } else if (header.bLength > size) {
+ usbi_warn(ctx, "invalid descriptor of length %d",
+ header.bLength);
+ /* The remaining bytes are bogus, but at least
+ * one interface is OK, so let's continue. */
+ break;
}
/* If we find another "proper" descriptor then we're done */
while (size >= DESC_HEADER_LENGTH) {
usbi_parse_descriptor(buffer, "bb", &header, 0);
+ /* If we've parsed at least one config descriptor then
+ * let's return that. */
+ if (header.bLength > size && i) {
+ usbi_warn(ctx, "invalid descriptor length of %d",
+ header.bLength);
+ return size;
+ }
+
if ((header.bLength > size) ||
(header.bLength < DESC_HEADER_LENGTH)) {
usbi_err(ctx, "invalid descriptor length of %d",
r = LIBUSB_ERROR_NOT_FOUND;
} else if (r < len - sizeof(tmp)) {
usbi_err(DEVICE_CTX(dev), "short read %d/%d", r, len);
- r = LIBUSB_ERROR_IO;
+ r = 0;
}
} else {
r = 0;
return LIBUSB_ERROR_IO;
} else if (r < len) {
usbi_err(ctx, "short output read %d/%d", r, len);
- return LIBUSB_ERROR_IO;
}
return 0;