From 3faa2c802eaa1ab06c2817af1e234fd839a543c4 Mon Sep 17 00:00:00 2001 From: Julius Werner Date: Wed, 14 Feb 2018 16:42:47 -0800 Subject: libpayload: usbhid: Zero-initialize all parts of usbhid instance struct MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The USBHID driver zero-initializes some but not all of the fields in its usbhid_inst_t structure. This is a problem because under some circumstances, some of the uninitialized fields may be read and lead to incorrect behavior. Some (broken) USB keyboards keep sending reports that contain all zeroes even when they have no new keys... these usually get silently ignored, but if the usbhid_inst_t structure is in an inconsistent state where 'previous' is zeroed out but 'lastkeypress' is non-zero because it wasn't properly initialized, these reports will be interpreted as keyrepeats of the bogus 'lastkeypress'. This patch changes the code to just xzalloc() the whole structure so we won't have to worry about initialization issues anymore. Change-Id: Ic987de2daaceaad2ae401a1e12b1bee397f802ee Signed-off-by: Julius Werner Reviewed-on: https://review.coreboot.org/23766 Tested-by: build bot (Jenkins) Reviewed-by: Aaron Durbin Reviewed-by: Paul Menzel Reviewed-by: Patrick Georgi Reviewed-by: Philippe Mathieu-Daudé --- payloads/libpayload/drivers/usb/usbhid.c | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) (limited to 'payloads') diff --git a/payloads/libpayload/drivers/usb/usbhid.c b/payloads/libpayload/drivers/usb/usbhid.c index 3100d37388..68130f80b0 100644 --- a/payloads/libpayload/drivers/usb/usbhid.c +++ b/payloads/libpayload/drivers/usb/usbhid.c @@ -439,11 +439,7 @@ usb_hid_init (usbdev_t *dev) boot_protos[interface->bInterfaceProtocol]); switch (interface->bInterfaceProtocol) { case hid_boot_proto_keyboard: - dev->data = malloc (sizeof (usbhid_inst_t)); - if (!dev->data) - fatal("Not enough memory for USB HID device.\n"); - memset(&HID_INST(dev)->previous, 0x00, - sizeof(HID_INST(dev)->previous)); + dev->data = xzalloc (sizeof (usbhid_inst_t)); usb_debug (" configuring...\n"); usb_hid_set_protocol(dev, interface, hid_proto_boot); usb_hid_set_idle(dev, interface, KEYBOARD_REPEAT_MS); -- cgit v1.2.3