| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 23 Aug 2023 08:47:23 -0700
From: Jerry Liu <jerry.liu@...hnexion.com>
To: laurent.pinchart@...asonboard.com, mchehab@...nel.org
Cc: linux-media@...r.kernel.org, linux-kernel@...r.kernel.org,
Jerry Liu <jerry.liu@...hnexion.com>
Subject: [RFC PATCH] media: uvcvideo: Modified uvc_ctrl_fill_xu_info 'kmalloc' to 'kzalloc'
If the length of UVC XU Control is 1 (even though this is illegal), due
to the non-zero value of data, UVC_GET_LEN could potentially result in a
length that is not 1. In order to ensure that 2-byte data array is set
to 0, 'kmalloc' is modified to 'kzalloc'.
Signed-off-by: Jerry Liu <jerry.liu@...hnexion.com>
---
drivers/media/usb/uvc/uvc_ctrl.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/media/usb/uvc/uvc_ctrl.c b/drivers/media/usb/uvc/uvc_ctrl.c
index 5e9d3da862dd..054bc14f7a58 100644
--- a/drivers/media/usb/uvc/uvc_ctrl.c
+++ b/drivers/media/usb/uvc/uvc_ctrl.c
@@ -2088,7 +2088,7 @@ static int uvc_ctrl_fill_xu_info(struct uvc_device *dev,
u8 *data;
int ret;
- data = kmalloc(2, GFP_KERNEL);
+ data = kzalloc(2, GFP_KERNEL);
if (data == NULL)
return -ENOMEM;
--
2.25.1
Powered by blists - more mailing lists