Ticket #43 (closed enhancement: fixed)

Opened 21 months ago

Last modified 13 months ago

[PATCH] Don't allow desc_index=0 in libusb_get_string_descriptor_ascii

Reported by: Hannibal Owned by: Hannibal
Component: libusb-1.0 Keywords:
Cc: Blocked By:
Blocks:

Description

As libusb_get_string_descriptor_ascii fetch by its own language list located on string index=0, fetching lang index by user request is probably programmer error. So make call with desc_index=0 return with INVALID_PARAM error.

This can also prevent some (probably buggy) device form erroneous behaviour. See my thread on libusb-devel ("Problem with new CUPS libusb backend").

Attachments

libusb.diff (970 bytes) - added by Hannibal 21 months ago.
Patch against 1.0.8
getdevserial.c (1.5 KB) - added by hannibal 16 months ago.
Program to fetch 0 stringID

Change History

Changed 21 months ago by Hannibal

Patch against 1.0.8

comment:1 Changed 20 months ago by dsd

libusb generally doesn't attempt to detect erroneous behaviour of the programmer. Instead, the programmer should be fixed ;)

But I might consider taking this. What's the result of calling this function on descriptor 0 before your patch is applied?

comment:2 Changed 20 months ago by Hannibal

If you ask, what it returns - I don't know. But I can write a program to check this.

More important is that OKI 14ex printer stop to print after this call. It has has all string desciptors = 0, so this device haven't string descriptors at all.

USB 1.1 (my case) specs doesn't tell explictly what device should return in that case, so the device can return anything. It may looks like LANGID table which can cause next call to have wrong params for sure.

It can happen with other indexes also - but this is less likely. Indexes are mostly read form device descriptors, not set explictly. So LANGID table i that case exists for sure.

Of course this patch can be more sofisticated. libusb can check if all string descriptors are 0, and don't allow to fetch any descriptor in that case. This should also fix my problem ;). But this will need more ovehead on init (or worse on fetch) - nevertheless it can be useful in debug mode.

Last edited 20 months ago by Hannibal (previous) (diff)

comment:3 Changed 16 months ago by dsd

Yes, I'm interested to know what it returns currently.

comment:4 Changed 16 months ago by hannibal

With latest git version, using program I'v attached to this ticket, I have:

my faulty printer:
./getdevserial 0x6BC 0xB
ASCII Length: -9; Text: �� ���
RAW Length: -9; Text: �� ���

proper working scanner:
./getdevserial 0x4A9 0x220E
ASCII Length: 1; Text: ?
RAW Length: 4; Text: o�

It seems it return LIBUSB_ERROR_PIPE.

Changed 16 months ago by hannibal

Program to fetch 0 stringID

comment:5 Changed 15 months ago by stuge

The email thread is at http://marc.info/?t=127378047900003

The fault is absolutely with any program which fails to validate that dev.iSerialNumber != 0 before calling libusb_get_string_descriptor_ascii().

But we might as well check for it in the library, it's easy enough. Will commit.

comment:6 Changed 15 months ago by hannibal

Thanks

comment:7 Changed 13 months ago by Hannibal

  • Owner set to Hannibal
  • Status changed from new to closed
  • Resolution set to fixed

In [0f85015bdf87f3bca0d86ed87c9b976176640922/libusb]:

Disallow libusb_get_string_descriptor_ascii() with index 0

String descriptor 0 is the list of supported language IDs in the device,
which can't have an ASCII representation. Calling the function with
index 0 is thus not really useful. Fixes #43.

Note: See TracTickets for help on using tickets.