3162c8540d
Using fu_common_strnsplit() has the drawback that a malicious user (or a fuzzer!) could create a file with 5,000,000 newlines, and then pass that into any parser that tokenizes into lines. This causes millions of tiny allocations and quickly dirties hundreds of megabytes of RSS due to heap overheads. Rather than splitting a huge array and then processing each line, set up a callback to process each line and only allocate the next string if the token was parsed correctly. This means that we don't even dup the buffer before we start parsing, rather than allocating everything and then failing at the first hurdle. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=38696 |
||
|---|---|---|
| .. | ||
| data | ||
| fu-plugin-wacom-usb.c | ||
| fu-self-test.c | ||
| fu-wac-android-device.c | ||
| fu-wac-android-device.h | ||
| fu-wac-common.c | ||
| fu-wac-common.h | ||
| fu-wac-device.c | ||
| fu-wac-device.h | ||
| fu-wac-firmware.c | ||
| fu-wac-firmware.h | ||
| fu-wac-module-bluetooth.c | ||
| fu-wac-module-bluetooth.h | ||
| fu-wac-module-touch.c | ||
| fu-wac-module-touch.h | ||
| fu-wac-module.c | ||
| fu-wac-module.h | ||
| meson.build | ||
| README.md | ||
| wacom-usb.quirk | ||
Wacom USB
Introduction
Wacom provides interactive pen displays, pen tablets, and styluses to equip and inspire everyone make the world a more creative place.
From 2016 Wacom has been using a HID-based proprietary flashing algorithm which has been documented by support team at Wacom and provided under NDA under the understanding it would be used to build a plugin under a LGPLv2+ license.
Wacom devices are actually composite devices, with the main ARM CPU being programmed using a more complicated erase, write, verify algorithm based on a historical update protocol. The "sub-module" devices use a newer protocol, again based on HID, but are handled differently depending on their type.
Firmware Format
The daemon will decompress the cabinet archive and extract a firmware blob in the following formats:
- Touch module: Intel HEX file format
- Bluetooth module: Unknown airoflash file format
- EMR module: Plain SREC file format
- Main module: SREC file format, with a custom
WACOMvendor header
This plugin supports the following protocol ID:
- com.wacom.usb
GUID Generation
These devices use the standard USB DeviceInstanceId values, e.g.
USB\VID_056A&PID_0378&REV_0001USB\VID_056A&PID_0378USB\VID_056A
Update Behavior
The firmware is deployed when the device is in normal runtime mode, and the device will reset when the new firmware has been written.
Vendor ID Security
The vendor ID is set from the USB vendor, for example set to USB:0x056A
External Interface Access
This plugin requires read/write access to /dev/bus/usb.