Evolution-X-Devices/kernel_google_wahoo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fbdev: msm: check buffer size before writing to user buffer

Browse Source 
Check the number of bytes to copy against the size of the
user buffer before copy to user to avoid buffer overflow.

Bug: 79422277
Change-Id: Icdd3d4e755deca19fa431e903620bd9e4c701c89
Signed-off-by: Harsh Sahu <hsahu@codeaurora.org>
Signed-off-by: Dennis Cagle <dcagle@codeaurora.org>
Signed-off-by: Siqi Lin <siqilin@google.com>
This commit is contained in:
Harsh Sahu
2018-03-23 00:15:52 -07:00
committed by Badhri Jagan Sridharan
parent 48d8b3b014
commit e5a4d16631
1 changed files with 6 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
drivers/video/fbdev/msm/mdss_debug_xlog.c
View File

@@ -1,4 +1,4 @@
/* Copyright (c) 2014-2017, The Linux Foundation. All rights reserved.
/* Copyright (c) 2014-2018, The Linux Foundation. All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2 and
@@ -720,6 +720,11 @@ static ssize_t mdss_xlog_dump_read(struct file *file, char __user *buff,
if (__mdss_xlog_dump_calc_range()) {
len = mdss_xlog_dump_entry(xlog_buf, MDSS_XLOG_BUF_MAX);
if (len < 0 || len > count) {
pr_err("len is more than the size of user buffer\n");
return 0;
}
if (copy_to_user(buff, xlog_buf, len))
return -EFAULT;
*ppos += len;