TWxSoftware/twx-linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
v6.6.49
twx-linux/drivers/media
History
Philipp Stanner 2f50c1ea7f media: drivers/media/dvb-core: copy user arrays safely 
[ Upstream commit 102fb77c2deb0df3683ef8ff7a6f4cf91dc456e2 ]

At several positions in dvb_frontend.c, memdup_user() is utilized to
copy userspace arrays. This is done without overflow checks.

Use the new wrapper memdup_array_user() to copy the arrays more safely.

Link: https://lore.kernel.org/linux-media/20231102191633.52592-2-pstanner@redhat.com
Suggested-by: Dave Airlie <airlied@redhat.com>
Signed-off-by: Philipp Stanner <pstanner@redhat.com>
Signed-off-by: Mauro Carvalho Chehab <mchehab@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2024-08-29 17:33:34 +02:00
..
cec media: cec: core: avoid confusing "transmit timed out" message 2024-06-12 11:12:43 +02:00
common media: videobuf2: request more buffers for vb2_read 2024-04-27 17:11:30 +02:00
dvb-core media: drivers/media/dvb-core: copy user arrays safely 2024-08-29 17:33:34 +02:00
dvb-frontends media: dvb-frontends: tda10048: Fix integer overflow 2024-07-11 12:49:07 +02:00
firewire media: firewire: firedtv-avc.c: replace BUG with proper, error return 2023-08-10 07:58:37 +02:00
i2c media: i2c: imx219: fix msr access command sequence 2024-08-03 08:53:48 +02:00
mc media: mc: mark the media devnode as registered from the, start 2024-06-16 13:47:35 +02:00
mmc
pci media: pci: cx23885: check cx23885_vdev_init() return 2024-08-29 17:33:33 +02:00
platform media: qcom: venus: fix incorrect return value 2024-08-29 17:33:27 +02:00
radio media: radio-isa: use dev_name to fill in bus_info 2024-08-29 17:33:25 +02:00
rc lirc: rc_dev_get_from_fd(): fix file leak 2024-08-03 08:54:38 +02:00
spi
test-drivers media: visl: Hook the (TRY_)DECODER_CMD stateless ioctls 2024-01-25 15:35:32 -08:00
tuners media: xc2028: avoid use-after-free in load_firmware_cb() 2024-08-14 13:58:46 +02:00
usb media: Revert "media: dvb-usb: Fix unexpected infinite loop in dvb_usb_read_remote_control()" 2024-08-19 06:04:31 +02:00
v4l2-core media: v4l: async: Fix NULL pointer dereference in adding ancillary links 2024-08-03 08:53:47 +02:00
Kconfig
Makefile