Kernel panic with windows RNDIS, crude hack attached

[Paul Fertser]

Hi,

Alan Cox <alan at lxorguk.ukuu.org.uk> writes:
>> Crude patch attached but i very much hope that someone other who
>> understands rndis better than me will come with a real solution soon.
>
> I suspect the hardware is handing back a descriptor which is overlong. In
> which case the "correct" fix is probably to copy only as much as fits in
> the buffer (rather than the dummy string you do now)

Alan, I'm sorry to have written such a long letter with lots of
useless details but without a more extensive problem description, i
thought it was obvious to the folks working on usb/rndis.

The problem is that kernel panics in that same call to strlen,
obviously because it's handed a NULL pointer instead of sensible
vendorDescr.

The code that should set vendorDescr was commented out after some
refactoring and obviously nobody was interested to bring it back in
some sensible place:

#if 0
// FIXME
        if (rndis_set_param_vendor(rndis->config, vendorID,
                                manufacturer))
                goto fail0;
#endif  

The link [1] i mentioned in my previous letter has a hint from David
Brownell about how to properly fix it but as i have zero rndis
understanding i decided to ask for the fix those who can do that in a
matter of minutes, not hours as it'd take me.

[1] http://lists.zerezo.com/linux-kernel/msg19823021.html
-- 
Be free, use free (http://www.gnu.org/philosophy/free-sw.html) software!
mailto:fercerpav at gmail.com