USB: fix potential qtd use-after-free case in interrupt handler

author wlf <wulf@rock-chips.com>

Wed, 22 May 2013 09:46:51 +0000 (17:46 +0800)

committer wlf <wulf@rock-chips.com>

Wed, 22 May 2013 09:46:51 +0000 (17:46 +0800)
author wlf <wulf@rock-chips.com>
Wed, 22 May 2013 09:46:51 +0000 (17:46 +0800)
committer wlf <wulf@rock-chips.com>
Wed, 22 May 2013 09:46:51 +0000 (17:46 +0800)
diff --git a/drivers/usb/dwc_otg/dwc_otg_hcd_intr.c b/drivers/usb/dwc_otg/dwc_otg_hcd_intr.c

index 684e89164918fd7748d7f96df478bc75a96bbd28..524ce16943c76e5b6cfb147eb4b9ed1a0c6a5432 100755 (executable)
--- a/drivers/usb/dwc_otg/dwc_otg_hcd_intr.c
+++ b/drivers/usb/dwc_otg/dwc_otg_hcd_intr.c
@@ -1948,7 +1948,8 @@ int32_t dwc_otg_hcd_handle_hc_n_intr (dwc_otg_hcd_t *_dwc_otg_hcd, uint32_t _num
                 retval |= handle_hc_nak_intr(_dwc_otg_hcd, hc, hc_regs, qtd);
         }
         if (hcint.b.ack) {
-               retval |= handle_hc_ack_intr(_dwc_otg_hcd, hc, hc_regs, qtd);
+               if(!hcint.b.chhltd)
+                       retval |= handle_hc_ack_intr(_dwc_otg_hcd, hc, hc_regs, qtd);
         }
         if (hcint.b.nyet) {
                 retval |= handle_hc_nyet_intr(_dwc_otg_hcd, hc, hc_regs, qtd);
author	wlf <wulf@rock-chips.com>
	Wed, 22 May 2013 09:46:51 +0000 (17:46 +0800)
committer	wlf <wulf@rock-chips.com>
	Wed, 22 May 2013 09:46:51 +0000 (17:46 +0800)