Minki/linux
1
0
Fork 1
mirror of https://github.com/torvalds/linux.git synced 2024-12-21 10:31:54 +00:00
Code Issues Packages Projects Releases Wiki Activity
a2e2d73fa2
linux/drivers/media/v4l2-core
History
Peilin Ye 4ffb879ea6 media: media/v4l2-core: Fix kernel-infoleak in video_put_user() 
video_put_user() is copying uninitialized stack memory to userspace due
to the compiler not initializing holes in the structures declared on the
stack. Fix it by initializing `ev32` and `vb32` using memset().

Reported-and-tested-by: syzbot+79d751604cb6f29fbf59@syzkaller.appspotmail.com
Link: https://syzkaller.appspot.com/bug?extid=79d751604cb6f29fbf59

Cc: stable@vger.kernel.org
Fixes: 1a6c0b36dd ("media: v4l2-core: fix VIDIOC_DQEVENT for time64 ABI")
Fixes: 577c89b0ce ("media: v4l2-core: fix v4l2_buffer handling for time64 ABI")
Reviewed-by: Laurent Pinchart <laurent.pinchart@ideasonboard.com>
Reviewed-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Peilin Ye <yepeilin.cs@gmail.com>
Signed-off-by: Hans Verkuil <hverkuil-cisco@xs4all.nl>
Signed-off-by: Mauro Carvalho Chehab <mchehab+huawei@kernel.org>
2020-08-26 16:29:36 +02:00
..
Kconfig media: v4l2-core: Add helpers to build the H264 P/B0/B1 reflists 2020-04-21 13:46:40 +02:00
Makefile media: v4l2-core: Add helpers to build the H264 P/B0/B1 reflists 2020-04-21 13:46:40 +02:00
tuner-core.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
v4l2-async.c media: v4l2-async: Log message in case of heterogeneous fwnode match 2020-07-19 14:17:16 +02:00
v4l2-clk.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
v4l2-common.c mm: don't include asm/pgtable.h if linux/mm.h is already included 2020-06-09 09:39:13 -07:00
v4l2-compat-ioctl32.c media: videobuf2: handle V4L2_FLAG_MEMORY_NON_CONSISTENT flag 2020-06-23 13:32:41 +02:00
v4l2-ctrls.c media: v4l2-ctrls: Unset correct HEVC loop filter flag 2020-06-11 19:21:14 +02:00
v4l2-dev.c media: v4l2-dev/ioctl: Add V4L2_CAP_IO_MC 2020-05-06 12:08:25 +02:00
v4l2-device.c media: v4l2-dev: Add v4l2_device_register_ro_subdev_node() 2020-05-12 17:04:07 +02:00
v4l2-dv-timings.c media: v4l2-dv-timings: Use DIV_ROUND_CLOSEST directly to make it readable 2019-11-05 08:49:22 -03:00
v4l2-event.c media: v4l2-core: fix VIDIOC_DQEVENT for time64 ABI 2020-01-03 15:47:57 +01:00
v4l2-fh.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 174 2019-05-30 11:26:41 -07:00
v4l2-flash-led-class.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
v4l2-fwnode.c media updates for v5.8-rc1 2020-06-03 20:59:38 -07:00
v4l2-h264.c media: v4l2-core: Add helpers to build the H264 P/B0/B1 reflists 2020-04-21 13:46:40 +02:00
v4l2-i2c.c media: v4l2-core: v4l2-i2c: convert to new API with ERRPTR 2020-02-24 15:21:52 +01:00
v4l2-ioctl.c media: media/v4l2-core: Fix kernel-infoleak in video_put_user() 2020-08-26 16:29:36 +02:00
v4l2-jpeg.c media: add v4l2 JPEG helpers 2020-04-14 11:47:47 +02:00
v4l2-mc.c media: v4l2-mc: add v4l2_create_fwnode_links helpers 2020-05-18 11:14:05 +02:00
v4l2-mem2mem.c media: Add V4L2_TYPE_IS_CAPTURE helper 2020-07-19 08:13:24 +02:00
v4l2-spi.c v4l2-core: fix coding style for the two new c files 2019-08-26 11:01:25 -03:00
v4l2-subdev.c media: v4l2-subdev: add v4l2_subdev_get_fwnode_pad_1_to_1 2020-05-18 11:12:52 +02:00
v4l2-trace.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
videobuf-core.c mmap locking API: use coccinelle to convert mmap_sem rwsem call sites 2020-06-09 09:39:14 -07:00
videobuf-dma-contig.c mmap locking API: use coccinelle to convert mmap_sem rwsem call sites 2020-06-09 09:39:14 -07:00
videobuf-dma-sg.c mmap locking API: convert mmap_sem comments 2020-06-09 09:39:14 -07:00
videobuf-vmalloc.c mm: reorder includes after introduction of linux/pgtable.h 2020-06-09 09:39:13 -07:00