Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit a24e6348 authored by Colin Ian King's avatar Colin Ian King Committed by Mauro Carvalho Chehab
Browse files

media: dvb_ca_en50221: sanity check slot number from userspace 



Currently a user can pass in an unsanitized slot number which
will lead to and out of range index into ca->slot_info. Fix this
by checking that the slot number is no more than the allowed
maximum number of slots. Seems that this bug has been in the driver
forever.

Detected by CoverityScan, CID#139381 ("Untrusted pointer read")

Signed-off-by: default avatarColin Ian King <colin.king@canonical.com>
Reviewed-by: default avatarDan Carpenter <dan.carpenter@oracle.com>
Reviewed-by: default avatarJasmin Jessich <jasmin@anw.at>
Signed-off-by: default avatarMauro Carvalho Chehab <mchehab@s-opensource.com>
parent 3ee6229f
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment