From 0e64c74a7817beb89ba4f95b592b23a67cc22673 Mon Sep 17 00:00:00 2001
From: brian218 <brian218@users.noreply.github.com>
Date: Wed, 18 Jan 2023 10:22:47 +0800
Subject: [PATCH] sys_usbd: Added buffer null check for
 sys_usbd_transfer_data()

---
 rpcs3/Emu/Cell/lv2/sys_usbd.cpp | 28 +++++++++++++++++++++++++---
 1 file changed, 25 insertions(+), 3 deletions(-)

diff --git a/rpcs3/Emu/Cell/lv2/sys_usbd.cpp b/rpcs3/Emu/Cell/lv2/sys_usbd.cpp
index 0726d96e3f..6cf3ed1cdb 100644
--- a/rpcs3/Emu/Cell/lv2/sys_usbd.cpp
+++ b/rpcs3/Emu/Cell/lv2/sys_usbd.cpp
@@ -983,10 +983,32 @@ error_code sys_usbd_transfer_data(ppu_thread& ppu, u32 handle, u32 id_pipe, vm::
 		}
 
 		// Claiming interface
-		if (request->bmRequestType == 0 && request->bRequest == 0x09)
+		switch (request->bmRequestType)
 		{
-			pipe.device->set_configuration(static_cast<u8>(+request->wValue));
-			pipe.device->set_interface(0);
+		case LIBUSB_ENDPOINT_OUT | LIBUSB_REQUEST_TYPE_STANDARD | LIBUSB_RECIPIENT_DEVICE:
+		{
+			switch (request->bRequest)
+			{
+			case LIBUSB_REQUEST_SET_CONFIGURATION:
+			{
+				pipe.device->set_configuration(static_cast<u8>(+request->wValue));
+				pipe.device->set_interface(0);
+				break;
+			}
+			default: break;
+			}
+			break;
+		}
+		case LIBUSB_ENDPOINT_IN | LIBUSB_REQUEST_TYPE_STANDARD | LIBUSB_RECIPIENT_DEVICE:
+		{
+			if (!buf)
+			{
+				sys_usbd.error("Invalid buffer for control_transfer");
+				return CELL_EFAULT;
+			}
+			break;
+		}
+		default: break;
 		}
 
 		pipe.device->control_transfer(request->bmRequestType, request->bRequest, request->wValue, request->wIndex, request->wLength, buf_size, buf.get_ptr(), &transfer);