Benjamin Tissoires fdab04c119 Input: elan_i2c_smbus - fix corrupted stack ... commit 40f7090bb1b4ec327ea1e1402ff5783af5b35195 upstream. New ICs (like the one on the Lenovo T480s) answer to ETP_SMBUS_IAP_VERSION_CMD 4 bytes instead of 3. This corrupts the stack as i2c_smbus_read_block_data() uses the values returned by the i2c device to know how many data it need to return. i2c_smbus_read_block_data() can read up to 32 bytes (I2C_SMBUS_BLOCK_MAX) and there is no safeguard on how many bytes are provided in the return value. Ensure we always have enough space for any future firmware. Also 0-initialize the values to prevent any access to uninitialized memory. Cc: <stable@vger.kernel.org> # v4.4.x, v4.9.x, v4.14.x, v4.15.x, v4.16.x Signed-off-by: Benjamin Tissoires <benjamin.tissoires@redhat.com> Acked-by: KT Liao <kt.liao@emc.com.tw> Signed-off-by: Dmitry Torokhov <dmitry.torokhov@gmail.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>		2018-06-06 16:46:20 +02:00
..
gameport
joystick	Input: xpad - add support for Razer Wildcat gamepad	2017-04-21 09:30:05 +02:00
keyboard	Input: qt1070 - add OF device ID table	2018-03-22 09:23:22 +01:00
misc	Input: drv260x - fix initializing overdrive voltage	2018-04-29 07:50:01 +02:00
mouse	Input: elan_i2c_smbus - fix corrupted stack	2018-06-06 16:46:20 +02:00
serio	Input: i8042 - enable MUX on Sony VAIO VGN-CS series to fix touchpad	2018-04-08 11:52:00 +02:00
tablet	Input: gtco - fix potential out-of-bound access	2017-11-02 09:40:49 +01:00
touchscreen	Input: atmel_mxt_ts - add touchpad button mapping for Samsung Chromebook Pro	2018-05-16 10:06:48 +02:00
apm-power.c
evbug.c
evdev.c
ff-core.c
ff-memless.c
input-compat.c
input-compat.h
input-leds.c	Input: leds - fix out of bound access	2018-05-16 10:06:48 +02:00
input-mt.c
input-polldev.c
input.c
joydev.c
Kconfig
Makefile
matrix-keymap.c
mousedev.c	Input: mousedev - fix implicit conversion warning	2018-04-08 11:51:57 +02:00
sparse-keymap.c