drm/msm : check buffer size before writing to user buffer · 31748cad9c - evie/android_kernel_oneplus_msm8998 - Gay Catgirls Forgejo: gay catgirls having sex

evie/android_kernel_oneplus_msm8998

drm/msm : check buffer size before writing to user buffer

Check the number of bytes to copy against the size of the
user buffer before copy to user to avoid buffer overflow.

Change-Id: Ida3f2470b8441010adc30312c12c6d75fdd6ccb8
Signed-off-by: Harsh Sahu <hsahu@codeaurora.org>

This commit is contained in:

Harsh Sahu

2018-03-22 23:22:17 -07:00

• committed by

Gerrit - the friendly Code Review server

parent 3a9f9cc591

commit 31748cad9c

1 changed files with 5 additions and 0 deletions

									
										5

drivers/gpu/drm/msm/sde_dbg.c
									
										View file
										
				@ -1643,6 +1643,11 @@ static ssize_t sde_evtlog_dump_read(struct file *file, char __user *buff,

					len = sde_evtlog_dump_to_buffer(sde_dbg_base.evtlog, evtlog_buf,

							SDE_EVTLOG_BUF_MAX, true);

					if (len < 0 || len > count) {

						pr_err("len is more than user buffer size");

						return 0;

					}

					if (copy_to_user(buff, evtlog_buf, len))

						return -EFAULT;

					*ppos += len;