queue-5.1/revert-hid-increase-maximum-report-size-allowed-by-hid_field_extract.patch

   1 From 15fc1b5c86128f91c8c6699c3b0d9615740b13f1 Mon Sep 17 00:00:00 2001
   2 From: Benjamin Tissoires <benjamin.tissoires@redhat.com>
   3 Date: Wed, 5 Jun 2019 14:44:05 +0200
   4 Subject: Revert "HID: Increase maximum report size allowed by hid_field_extract()"
   5
   6 From: Benjamin Tissoires <benjamin.tissoires@redhat.com>
   7
   8 commit 15fc1b5c86128f91c8c6699c3b0d9615740b13f1 upstream.
   9
  10 This reverts commit 94a9992f7dbdfb28976b565af220e0c4a117144a.
  11
  12 The commit allows for more than 32 bits in hid_field_extract(),
  13 but the return value is a 32 bits int.
  14 So basically what this commit is doing is just silencing those
  15 legitimate errors.
  16
  17 Revert to a previous situation in the hope that a proper
  18 fix will be impletemented.
  19
  20 Fixes: 94a9992f7dbd ("HID: Increase maximum report size allowed by hid_field_extract()")
  21 Cc: stable@vger.kernel.org # v5.1
  22 Acked-by: Jiri Kosina <jkosina@suse.cz>
  23 Signed-off-by: Benjamin Tissoires <benjamin.tissoires@redhat.com>
  24 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
  25
  26 ---
  27  drivers/hid/hid-core.c |    6 +++---
  28  1 file changed, 3 insertions(+), 3 deletions(-)
  29
  30 --- a/drivers/hid/hid-core.c
  31 +++ b/drivers/hid/hid-core.c
  32 @@ -1313,10 +1313,10 @@ static u32 __extract(u8 *report, unsigne
  33  u32 hid_field_extract(const struct hid_device *hid, u8 *report,
  34                         unsigned offset, unsigned n)
  35  {
  36 -       if (n > 256) {
  37 -               hid_warn(hid, "hid_field_extract() called with n (%d) > 256! (%s)\n",
  38 +       if (n > 32) {
  39 +               hid_warn(hid, "hid_field_extract() called with n (%d) > 32! (%s)\n",
  40                          n, current->comm);
  41 -               n = 256;
  42 +               n = 32;
  43         }
  44
  45         return __extract(report, offset, n);