samsung-sm8650/android_kernel_samsung_sm8650-modules
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
f2cad8ef24b68cbf9d0198c45ca8c8a08347da2c
android_kernel_samsung_sm86…/drivers/cam_sync
History
Trishansh Bhardwaj 0d847c06fe msm: camera: sync: Prevent OOB access of sync name 
Issue:
strlcpy calls strlen on src ptr. If src is not NULL terminated then OOB
access will occur in below stack.
  strlen
  strlcpy
  cam_sync_init_row
  cam_sync_handle_create
  cam_sync_dev_ioctl

Fix:
Pad user-space supplied name with NULL.

CRs-Fixed: 3010262
Change-Id: Ib5c2fbfe395025ec05e0bb2980f86111e95ff54c
Signed-off-by: Trishansh Bhardwaj <tbhardwa@codeaurora.org>
2021-08-31 10:24:05 -07:00
..
cam_sync_api.h
msm: camera: sync: Add SYNC_V4L_EVENT_V2 support in sync driver
2020-08-16 11:14:20 +05:30
cam_sync_private.h
msm: camera: sync: Increase V4l2 queue size to 250
2020-10-20 22:37:50 -07:00
cam_sync_util.c
msm: camera: core: Add delay detection support
2021-08-11 22:18:10 +05:30
cam_sync_util.h
msm: camera: sync: Fix imports for types
2020-09-18 16:11:21 -07:00
cam_sync.c
msm: camera: sync: Prevent OOB access of sync name
2021-08-31 10:24:05 -07:00