Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit 33e48d1c authored by Trishansh Bhardwaj's avatar Trishansh Bhardwaj Committed by Gerrit - the friendly Code Review server
Browse files

msm: camera: Fix memory read security flaw 



Adds bound check on reg_cfg_cmd->u.dmi_info.hi_tbl_offset.

IOCTL VIDIOC_MSM_VFE_REG_CFG uses usersupplied value without
performing bounds check for following cmd_type.
VFE_READ_DMI_16BIT
VFE_READ_DMI_32BIT
VFE_READ_DMI_64BIT

Change-Id: I554c45ef3a172f5b5891b67a7e8e7a1f3f3882ed
Signed-off-by: default avatarTrishansh Bhardwaj <tbhardwa@codeaurora.org>
parent 6f2f4970
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment