mirror of
https://github.com/torvalds/linux.git
synced 2024-12-13 14:43:03 +00:00
7dc482dfee
Almost all r128's private ioctls require that the CCE state has already been initialised. However, most do not test that this has been done, and will proceed to dereference a null pointer. This may result in a security vulnerability, since some ioctls are unprivileged. This adds a macro for the common initialisation test and changes all ioctl implementations that require prior initialisation to use that macro. Also, r128_do_init_cce() does not test that the CCE state has not been initialised already. Repeated initialisation may lead to a crash or resource leak. This adds that test. Signed-off-by: Ben Hutchings <ben@decadent.org.uk> Signed-off-by: Dave Airlie <airlied@redhat.com> |
||
---|---|---|
.. | ||
Makefile | ||
r128_cce.c | ||
r128_drv.c | ||
r128_drv.h | ||
r128_ioc32.c | ||
r128_irq.c | ||
r128_state.c |