lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20161118232045.24665-10-bparrot@ti.com>
Date:   Fri, 18 Nov 2016 17:20:19 -0600
From:   Benoit Parrot <bparrot@...com>
To:     <linux-media@...r.kernel.org>, Hans Verkuil <hverkuil@...all.nl>
CC:     <linux-kernel@...r.kernel.org>,
        Tomi Valkeinen <tomi.valkeinen@...com>,
        Jyri Sarha <jsarha@...com>,
        Peter Ujfalusi <peter.ujfalusi@...com>,
        Benoit Parrot <bparrot@...com>
Subject: [Patch v2 09/35] media: ti-vpe: vpe: Return NULL for invalid buffer type

From: Nikhil Devshatwar <nikhil.nd@...com>

get_q_data can be called with different values for type
e.g. vpe_try_crop calls it with the buffer type which gets passed
from user space

Framework doesn't check wheather its correct type or not
If user space passes wrong type, kernel should not crash.
Return NULL when the passed type is invalid.

Signed-off-by: Nikhil Devshatwar <nikhil.nd@...com>
Signed-off-by: Benoit Parrot <bparrot@...com>
Acked-by: Hans Verkuil <hans.verkuil@...co.com>
---
 drivers/media/platform/ti-vpe/vpe.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/media/platform/ti-vpe/vpe.c b/drivers/media/platform/ti-vpe/vpe.c
index c624f5db7f08..4b6e8839dd83 100644
--- a/drivers/media/platform/ti-vpe/vpe.c
+++ b/drivers/media/platform/ti-vpe/vpe.c
@@ -420,7 +420,7 @@ static struct vpe_q_data *get_q_data(struct vpe_ctx *ctx,
 	case V4L2_BUF_TYPE_VIDEO_CAPTURE:
 		return &ctx->q_data[Q_DATA_DST];
 	default:
-		BUG();
+		return NULL;
 	}
 	return NULL;
 }
-- 
2.9.0

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ