Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit a4638c41 authored by Ravi kumar Koyyana's avatar Ravi kumar Koyyana Committed by Gerrit - the friendly Code Review server
Browse files

msm: camera2: cpp: Fix iommu_attach/detach compat_ioctl issue 



When the Camera application exercises the  V4L2  ioctl operations, CPP
driver would attempt to the copy  user space buffer  contents into the
internal kernel buffer.  If an invalid length of the user space buffer
is passed onto the driver, it could trigger buffer overflow condition.

Thus, fix this by copying user space buffer contents into kernel space
buffer of the  driver for further processing, only after checking for
proper length of user space buffer.

CRs-fixed: 2025367
Change-Id: I85cf4a961884c7bb0d036299b886044aef7baf7c
Signed-off-by: default avatarRavi kumar Koyyana <rkoyyana@codeaurora.org>
parent 822fa236
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment