USB: check usb_get_extra_descriptor for proper size

		/* descriptor may appear anywhere in config */

		err = __usb_get_extra_descriptor(udev->rawdescriptors[0],

				le16_to_cpu(udev->config[0].desc.wTotalLength),

				USB_DT_OTG, (void **) &desc);

				USB_DT_OTG, (void **) &desc, sizeof(*desc));

		if (err || !(desc->bmAttributes & USB_OTG_HNP))

			return 0;

 */

int __usb_get_extra_descriptor(char *buffer, unsigned size,

			       unsigned char type, void **ptr)

			       unsigned char type, void **ptr, size_t minsize)

{

	struct usb_descriptor_header *header;

	while (size >= sizeof(struct usb_descriptor_header)) {

		header = (struct usb_descriptor_header *)buffer;

		if (header->bLength < 2) {

		if (header->bLength < 2 || header->bLength > size) {

			printk(KERN_ERR

				"%s: bogus descriptor, type %d length %d\n",

				usbcore_name,

			return -1;

		}

		if (header->bDescriptorType == type) {

		if (header->bDescriptorType == type && header->bLength >= minsize) {

			*ptr = header;

			return 0;

		}

	top = itr + itr_size;

	result = __usb_get_extra_descriptor(usb_dev->rawdescriptors[index],

			le16_to_cpu(usb_dev->actconfig->desc.wTotalLength),

			USB_DT_SECURITY, (void **) &secd);

			USB_DT_SECURITY, (void **) &secd, sizeof(*secd));

	if (result == -1) {

		dev_warn(dev, "BUG? WUSB host has no security descriptors\n");

		return 0;

};

int __usb_get_extra_descriptor(char *buffer, unsigned size,

	unsigned char type, void **ptr);

	unsigned char type, void **ptr, size_t min);

#define usb_get_extra_descriptor(ifpoint, type, ptr) \

				__usb_get_extra_descriptor((ifpoint)->extra, \

				(ifpoint)->extralen, \

				type, (void **)ptr)

				type, (void **)ptr, sizeof(**(ptr)))

/* ----------------------------------------------------------------------- */