From 43638d29a8a60dd6b4e5444a5551e9b3b0758cab Mon Sep 17 00:00:00 2001 From: iedowse Date: Mon, 15 Jul 2002 14:37:36 +0000 Subject: Re-fetch the interface handle after setting the config number, because the previous interface handle gets freed when the config number is set. This fixes a problem where memory could be accessed after it was freed when the interface was ifconfig'd up. Reviewed by: n_hibma --- sys/dev/usb/if_kue.c | 4 +++- sys/dev/usb/if_kuereg.h | 1 + 2 files changed, 4 insertions(+), 1 deletion(-) (limited to 'sys/dev') diff --git a/sys/dev/usb/if_kue.c b/sys/dev/usb/if_kue.c index 1805108..8c50cf5 100644 --- a/sys/dev/usb/if_kue.c +++ b/sys/dev/usb/if_kue.c @@ -363,7 +363,9 @@ kue_setmulti(struct kue_softc *sc) Static void kue_reset(struct kue_softc *sc) { - if (usbd_set_config_no(sc->kue_udev, KUE_CONFIG_NO, 0)) { + if (usbd_set_config_no(sc->kue_udev, KUE_CONFIG_NO, 0) || + usbd_device2interface_handle(sc->kue_udev, KUE_IFACE_IDX, + &sc->kue_iface)) { printf("kue%d: getting interface handle failed\n", sc->kue_unit); } diff --git a/sys/dev/usb/if_kuereg.h b/sys/dev/usb/if_kuereg.h index 0654ab6..a72faad 100644 --- a/sys/dev/usb/if_kuereg.h +++ b/sys/dev/usb/if_kuereg.h @@ -121,6 +121,7 @@ struct kue_ether_desc { #define KUE_CTL_WRITE 0x02 #define KUE_CONFIG_NO 1 +#define KUE_IFACE_IDX 0 /* * The interrupt endpoint is currently unused -- cgit v1.1