| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <526e885abc278a2d369de82d80ebc21d56c7f7ba.camel@gmail.com> Date: Mon, 30 Sep 2024 11:33:20 +0200 From: Nuno Sá <noname.nuno@...il.com> To: Denis Arefev <arefev@...mel.ru>, Michael Hennerich <michael.hennerich@...log.com> Cc: Dmitry Torokhov <dmitry.torokhov@...il.com>, linux-input@...r.kernel.org, linux-kernel@...r.kernel.org, lvc-project@...uxtesting.org, stable@...r.kernel.org Subject: Re: [PATCH] Input: adp5588-keys - Added checking of key and key_val variables On Mon, 2024-09-30 at 11:36 +0300, Denis Arefev wrote: > If the adp5588_read function returns 0, then there will be an > overflow of the kpad->keycode buffer. > > If the adp5588_read function returns a negative value, then the > logic is broken - the wrong value is used as an index of > the kpad->keycode array. > > Found by Linux Verification Center (linuxtesting.org) with SVACE. > > Cc: stable@...r.kernel.org # v5.10+ > Signed-off-by: Denis Arefev <arefev@...mel.ru> > --- Hi Denis, Thanks for the patch. However, I'm working on a more complete rework of this as suggested in [1]. I should be sending patches for it today or tomorrow. [1]: https://lore.kernel.org/linux-input/Zu0vq0ogr2HzXWv7@google.com/ - Nuno Sá
Powered by blists - more mailing lists