Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit fa5ee0d2 authored by Trishansh Bhardwaj's avatar Trishansh Bhardwaj Committed by Gerrit - the friendly Code Review server
Browse files

msm: camera: Fix kernel overwrite GET_BUF_BY_IDX ioctl 



Assign address of buf_info into ioctl_ptr.
Previously we were copying first 8 bytes of buf_info (content)
into ioctl_ptr. Which is dereferenced and written later causing
kernel overwrite vulnerability.

Change-Id: Ie5deae249da8208523027f8ec5632f960757e9bd
Signed-off-by: default avatarTrishansh Bhardwaj <tbhardwa@codeaurora.org>
parent 048c7007
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment