drm/msm/dsi-staging: Add length check before copying to user space
Add a check to make sure that the length of bytes copied to the destination buffer doesn't exceed the requested buffer count before calling the copy_to_user to avoid buffer overflow. Change-Id: Ice834a9e024b09f3b6041399ff55dec00e75b9ef Signed-off-by: Raghavendra Ambadas <rambad@codeaurora.org>
This commit is contained in:
raghavendra ambadas
parent
4461eef69d
commit
9ddd05897c
1 changed files with 7 additions and 1 deletions
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright (c) 2016-2018, The Linux Foundation. All rights reserved.
|
||||
* Copyright (c) 2016-2019, The Linux Foundation. All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License version 2 and
|
||||
|
|
@ -123,6 +123,9 @@ static ssize_t debugfs_state_info_read(struct file *file,
|
|||
dsi_ctrl->clk_info.link_clks.pixel_clk_rate,
|
||||
dsi_ctrl->clk_info.link_clks.esc_clk_rate);
|
||||
|
||||
if (len > count)
|
||||
len = count;
|
||||
|
||||
/* TODO: make sure that this does not exceed 4K */
|
||||
if (copy_to_user(buff, buf, len)) {
|
||||
kfree(buf);
|
||||
|
|
@ -162,6 +165,9 @@ static ssize_t debugfs_reg_dump_read(struct file *file,
|
|||
"Core clocks are not turned on, cannot read\n");
|
||||
}
|
||||
|
||||
if (len > count)
|
||||
len = count;
|
||||
|
||||
/* TODO: make sure that this does not exceed 4K */
|
||||
if (copy_to_user(buff, buf, len)) {
|
||||
kfree(buf);
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue