narenas
/
opengnsys_ipxe
mirror of https://github.com/ipxe/ipxe.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
Clone of ipxe replica repo
6,008 Commits
13 Branches
11 Tags
107 MiB
C 97.4%
Assembly 1.3%
Perl 0.6%
Makefile 0.4%
Python 0.2%
 
 
 
 
 
Go to file
Michael Brown fbb776f2f2 [efi] Leave USB endpoint descriptors in existence until device is removed 
Some UEFI USB drivers (observed with the keyboard driver on a
Microsoft Surface Go) will react to an asynchronous USB transfer
failure by terminating the transfer from within the completion
handler.  This closes the USB endpoint and, in the current
implementation, frees the containing structure.

This can lead to use-after-free bugs after the UEFI USB driver's
completion handler returns, since the calling code in iPXE expects
that a completion handler will not perform a control-flow action such
as terminating the transfer.

Fix by leaving the USB endpoint structure allocated until the device
is finally removed, as is already done (as an optimisation) for
control and bulk transfers.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
 		2020-09-29 14:26:54 +01:00
contrib [coverity] Override assumptions about wcrtomb() and hmac_init() 2019-08-17 17:18:54 +01:00
src [efi] Leave USB endpoint descriptors in existence until device is removed 2020-09-29 14:26:54 +01:00
.travis.yml [travis] Ensure that most recent tag is always available 2020-01-03 00:14:03 +01:00
COPYING [legal] Update GPLv2 licence text 2015-02-26 17:59:53 +00:00
COPYING.GPLv2 [legal] Update GPLv2 licence text 2015-02-26 17:59:53 +00:00
COPYING.UBDL [legal] Add support for the Unmodified Binary Distribution Licence 2015-03-02 12:07:14 +00:00
README [doc] Re-add README file 2010-05-28 00:03:47 +01:00

README 

iPXE README File

Quick start guide:

   cd src
   make

For any more detailed instructions, see http://ipxe.org