From 2a36618fa227c422bf60fcf7e281a16480d17d39 Mon Sep 17 00:00:00 2001 From: Henning Geinitz Date: Mon, 18 Oct 2004 19:39:18 +0000 Subject: [PATCH] When getting string descriptors, ask for the length of the descriptor first (bug #301001). --- ChangeLog | 5 +++++ tools/sane-find-scanner.c | 36 +++++++++++++++++++++++++++++++----- 2 files changed, 36 insertions(+), 5 deletions(-) diff --git a/ChangeLog b/ChangeLog index 8fe820f92..6cbf789a0 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,8 @@ +2004-10-18 Henning Meier-Geinitz + + * tools/sane-find-scanner.c: When getting string descriptors, ask + for the length of the descriptor first (bug #301001). + 2004-10-18 Ullrich Sigwanz * backend/niash_core.c: diff --git a/tools/sane-find-scanner.c b/tools/sane-find-scanner.c index a9a640d46..59cd56e43 100644 --- a/tools/sane-find-scanner.c +++ b/tools/sane-find-scanner.c @@ -385,20 +385,45 @@ static char * get_libusb_string_descriptor (struct usb_device *dev, int index) { usb_dev_handle *handle; - char *buffer; + char *buffer, short_buffer[2]; struct usb_string_descriptor *sd; - int size = 100; + int size = 2; int i; if (!index) return 0; + + + handle = usb_open (dev); + if (!handle) + return 0; + + sd = (struct usb_string_descriptor *) short_buffer; + + if (usb_control_msg (handle, + USB_ENDPOINT_IN + USB_TYPE_STANDARD + USB_RECIP_DEVICE, + USB_REQ_GET_DESCRIPTOR, + (USB_DT_STRING << 8) + index, 0, short_buffer, + size, 1000) < 0) + { + usb_close (handle); + return 0; + } + + if (sd->bLength < 2 + || sd->bDescriptorType != USB_DT_STRING) + { + usb_close (handle); + return 0; + } + + size = sd->bLength; + buffer = calloc (1, size + 1); if (!buffer) return 0; sd = (struct usb_string_descriptor *) buffer; - handle = usb_open (dev); - if (!handle) - return 0; + if (usb_control_msg (handle, USB_ENDPOINT_IN + USB_TYPE_STANDARD + USB_RECIP_DEVICE, USB_REQ_GET_DESCRIPTOR, 
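Review bot: The new two-byte probe only rejects a negative return from `usb_control_msg`, so a device that answers with fewer than two bytes leaves the uninitialised `short_buffer` to be read through `sd->bLength` and `sd->bDescriptorType`. Assuming the usual libusb convention that a non-negative return is the number of bytes transferred, the check should be `size, 1000) < 2)`, or `short_buffer` should be zero-initialised, because the descriptor contents are controlled by the attached device. Moving `usb_open` ahead of the allocation also means the `if (!buffer) return 0;` path now returns with the handle still open; it needs `usb_close (handle);` before the return, like the two error paths added above it. The function body continues past the end of this hunk, so the handling of the second read is only partly visible here.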
@@ -408,6 +433,7 @@ get_libusb_string_descriptor (struct usb_device *dev, int index) usb_close (handle); return 0; } + if (sd->bLength < 2 || sd->bLength > size || sd->bDescriptorType != USB_DT_STRING) {