Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 649de266 authored by Dmitry Torokhov's avatar Dmitry Torokhov Committed by Gerrit - the friendly Code Review server
Browse files

Input: gtco - fix potential out-of-bound access 



parse_hid_report_descriptor() has a while (i < length) loop, which
only guarantees that there's at least 1 byte in the buffer, but the
loop body can read multiple bytes which causes out-of-bounds access.

Reported-by: default avatarAndrey Konovalov <andreyknvl@google.com>
Reviewed-by: default avatarAndrey Konovalov <andreyknvl@google.com>
Cc: stable@vger.kernel.org
Signed-off-by: default avatarDmitry Torokhov <dmitry.torokhov@gmail.com>
Change-Id: I7b57556c100d28d8f10c03ea5480224e770fb64a
Git-commit: a50829479f58416a013a4ccca791336af3c584c7
Git-repo: https://android.googlesource.com/kernel/common


Signed-off-by: default avatarSrinivasa Rao Kuppala <srkupp@codeaurora.org>
parent d109e629
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment