bhyve: fix USB mouse requestsHEADmain

USB HCI requests may not include HCI transfer block structures (i.e.,
xfer->data[] == NULL), but in several places, the USB mouse emulation
code assumes one will exist. This can lead to a NULL pointer dereference
and a SEGV in the bhyve process as observed via experiments with an
Ubuntu guest and PyUSB code. Note that many of the cases processing
other request types already checked for data == NULL.

While in the neighborhood, fix a typo in the loop iterating over the
usb_data_xfer_block array which used the wrong variable to check for
valid data (idx vs. i).

Reported by: danmcd@edgecast.io
Obtained from: SmartOS
MFC after: 1 week
Relnotes: yes

Reviewed by:	imp
Differential Revision:	https://reviews.freebsd.org/D54661

0 files changed, 0 insertions, 0 deletions