From 85467f5094b0eb068d211d7a142e30426f199d62 Mon Sep 17 00:00:00 2001 From: Theo de Raadt Date: Thu, 12 Nov 2009 20:16:38 +0000 Subject: Avoid using the trick of malloc'ing more than a struct to grow the array of the last element. Bad technique. Use a pointer to the array. The author (or later people) will often not pay attention to the consequences of structure padding & alignment issues when they add new fields to the base structure, and there will be fireworks. tested by jasper, too --- sys/dev/usb/uhub.c | 12 +++++++++++- sys/dev/usb/usbdivar.h | 4 ++-- 2 files changed, 13 insertions(+), 3 deletions(-) (limited to 'sys/dev/usb') diff --git a/sys/dev/usb/uhub.c b/sys/dev/usb/uhub.c index 92ca543b15b..ce9647d68b9 100644 --- a/sys/dev/usb/uhub.c +++ b/sys/dev/usb/uhub.c @@ -1,4 +1,4 @@ -/* $OpenBSD: uhub.c,v 1.50 2009/10/13 19:33:19 pirofti Exp $ */ +/* $OpenBSD: uhub.c,v 1.51 2009/11/12 20:16:37 deraadt Exp $ */ /* $NetBSD: uhub.c,v 1.64 2003/02/08 03:32:51 ichiro Exp $ */ /* $FreeBSD: src/sys/dev/usb/uhub.c,v 1.18 1999/11/17 22:33:43 n_hibma Exp $ */ @@ -195,6 +195,12 @@ uhub_attach(struct device *parent, struct device *self, void *aux) M_USBDEV, M_NOWAIT); if (hub == NULL) return; + hub->ports = malloc(sizeof(struct usbd_port) * nports, + M_USBDEV, M_NOWAIT); + if (hub->ports == NULL) { + free(hub, M_USBDEV); + return; + } dev->hub = hub; dev->hub->hubsoftc = sc; hub->explore = uhub_explore; @@ -320,6 +326,8 @@ uhub_attach(struct device *parent, struct device *self, void *aux) return; bad: + if (hub->ports) + free(hub->ports, M_USBDEV); if (hub) free(hub, M_USBDEV); dev->hub = NULL; @@ -556,6 +564,8 @@ uhub_detach(struct device *self, int flags) if (hub->ports[0].tt) free(hub->ports[0].tt, M_USBDEV); + if (hub->ports) + free(hub->ports, M_USBDEV); free(hub, M_USBDEV); sc->sc_hub->hub = NULL; diff --git a/sys/dev/usb/usbdivar.h b/sys/dev/usb/usbdivar.h index 5addcde90e1..5a99af8f53c 100644 --- a/sys/dev/usb/usbdivar.h +++ b/sys/dev/usb/usbdivar.h @@ -1,4 +1,4 @@ -/* $OpenBSD: usbdivar.h,v 1.36 2009/11/04 19:14:10 kettenis Exp $ */ +/* $OpenBSD: usbdivar.h,v 1.37 2009/11/12 20:16:37 deraadt Exp $ */ /* $NetBSD: usbdivar.h,v 1.70 2002/07/11 21:14:36 augustss Exp $ */ /* $FreeBSD: src/sys/dev/usb/usbdivar.h,v 1.11 1999/11/17 22:33:51 n_hibma Exp $ */ @@ -88,7 +88,7 @@ struct usbd_hub { usbd_status (*explore)(usbd_device_handle hub); void *hubsoftc; usb_hub_descriptor_t hubdesc; - struct usbd_port ports[1]; + struct usbd_port *ports; }; struct usb_softc; -- cgit v1.2.3