From 5305df7966eb920291cb2eafad27e5e201edd79b Mon Sep 17 00:00:00 2001
From: =?utf8?q?L=C3=A9o=20Lam?= <leo@innovatetechnologi.es>
Date: Fri, 3 May 2019 12:57:43 +0200
Subject: [PATCH] windows_winusb: Bounds check interface for
 check_valid_interface

This prevents a nasty out-of-bounds read and a likely crash when
the interface number is invalid.

Closes #568

Signed-off-by: Nathan Hjelm <hjelmn@me.com>
---
 libusb/os/windows_winusb.c | 3 +++
 libusb/version_nano.h      | 2 +-
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/libusb/os/windows_winusb.c b/libusb/os/windows_winusb.c
index e18a723..c7aec1f 100644
--- a/libusb/os/windows_winusb.c
+++ b/libusb/os/windows_winusb.c
@@ -2412,6 +2412,9 @@ static int get_valid_interface(struct libusb_device_handle *dev_handle, int api_
 */
 static int check_valid_interface(struct libusb_device_handle *dev_handle, unsigned short interface, int api_id)
 {
+	if (interface >= USB_MAXINTERFACES)
+		return -1;
+
 	struct winusb_device_handle_priv *handle_priv = _device_handle_priv(dev_handle);
 	struct winusb_device_priv *priv = _device_priv(dev_handle->dev);
 
diff --git a/libusb/version_nano.h b/libusb/version_nano.h
index 971eaf4..50676e4 100644
--- a/libusb/version_nano.h
+++ b/libusb/version_nano.h
@@ -1 +1 @@
-#define LIBUSB_NANO 11373
+#define LIBUSB_NANO 11374
-- 
2.7.4