projects / linux-2.6-microblaze.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: bec2ddf) | patch
media: media/v4l2-core: Fix kernel-infoleak in video_put_user()
authorPeilin Ye <yepeilin.cs@gmail.com>
Mon, 27 Jul 2020 08:00:02 +0000 (10:00 +0200)
committerMauro Carvalho Chehab <mchehab+huawei@kernel.org>
Wed, 26 Aug 2020 14:29:36 +0000 (16:29 +0200)
commit4ffb879ea648c2b42da4ca992ed3db87e564af69
tree3a7d497d8c8215edcbe5b466a71f759190689030tree | snapshot
parentbec2ddfd39f07ac2c1dec9fd5299424ad75c0a9dcommit | diff
media: media/v4l2-core: Fix kernel-infoleak in video_put_user()

video_put_user() is copying uninitialized stack memory to userspace due
to the compiler not initializing holes in the structures declared on the
stack. Fix it by initializing `ev32` and `vb32` using memset().

Reported-and-tested-by: syzbot+79d751604cb6f29fbf59@syzkaller.appspotmail.com
Link: https://syzkaller.appspot.com/bug?extid=79d751604cb6f29fbf59
Cc: stable@vger.kernel.org
Fixes: 1a6c0b36dd19 ("media: v4l2-core: fix VIDIOC_DQEVENT for time64 ABI")
Fixes: 577c89b0ce72 ("media: v4l2-core: fix v4l2_buffer handling for time64 ABI")
Reviewed-by: Laurent Pinchart <laurent.pinchart@ideasonboard.com>
Reviewed-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Peilin Ye <yepeilin.cs@gmail.com>
Signed-off-by: Hans Verkuil <hverkuil-cisco@xs4all.nl>
Signed-off-by: Mauro Carvalho Chehab <mchehab+huawei@kernel.org>
drivers/media/v4l2-core/v4l2-ioctl.c diff | blob | history
MicroBlaze GIT Repository