If the buffer given to the ucc interrupt handler is too long, do not

discard it but instead just inspect the first bytes that can make up a
usage. This is a work around as the correct solution is to only inspect
a limited number of bits as given by the report count and size
associated with the Consumer usage page.

Final piece to get florian@'s Microsoft Sculpt keyboard working.

diff --git a/sys/dev/usb/ucc.c b/sys/dev/usb/ucc.c
index 6043d70..0e1986b 100644 (file)
--- a/sys/dev/usb/ucc.c
+++ b/sys/dev/usb/ucc.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: ucc.c,v 1.7 2021/08/25 05:45:33 anton Exp $   */
+/*     $OpenBSD: ucc.c,v 1.8 2021/08/25 05:46:31 anton Exp $   */
 
 /*
  * Copyright (c) 2021 Anton Lindqvist <anton@openbsd.org>
@@ -479,11 +479,19 @@ int
 ucc_intr_to_usage(u_char *buf, u_int buflen, int32_t *usage)
 {
        int32_t x = 0;
+       int maxlen = sizeof(*usage);
        int i;
 
-       if (buflen == 0 || buflen > sizeof(*usage))
+       if (buflen == 0)
                return 1;
 
+       /*
+        * XXX should only look at the bits given by the report size and report
+        * count associated with the Consumer usage page.
+        */
+       if (buflen > maxlen)
+               buflen = maxlen;
+
        for (i = buflen - 1; i >= 0; i--) {
                x |= buf[i];
                if (i > 0)