Re: [PATCH] usb: cdns3: gadget: fix NULL pointer dereference in ep_queue

Next message: Krzysztof Kozlowski: "Re: [PATCH 3/5] arm64: dts: ti: k3-am62a7: Add ti,soc-info to OPP table"
Previous message: Carlo Szelinsky: "[PATCH net-next v2 0/3] net: pse-pd: support module-based PSE controller drivers"
In reply to: Peter Chen (CIX): "Re: [PATCH] usb: cdns3: gadget: fix NULL pointer dereference in ep_queue"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Sergey Shtylyov

Date: Mon Mar 30 2026 - 09:36:18 EST

On 3/30/26 12:21 PM, Peter Chen (CIX) wrote:
[...]
>> When the gadget endpoint is disabled or not yet configured, the ep->desc
>> pointer can be NULL. This leads to a NULL pointer dereference when
>> __cdns3_gadget_ep_queue() is called, causing a kernel crash.
>>
>> Add a check to return -ESHUTDOWN if ep->desc is NULL, which is the
>> standard return code for unconfigured endpoints.
>>
>> This prevents potential crashes when ep_queue is called on endpoints
>> that are not ready.
>>
>> Signed-off-by: Yongchao Wu <yongchao.wu@xxxxxxxxxxxxx>
>
> Add Fixed-by tag and Cc to stable tree please, others:

I think you meant the Fixes tag. :-)

[...]

MBR, Sergey