diff options
| author | Sriharsha Allenki <sallenki@codeaurora.org> | 2016-12-22 14:57:44 +0530 |
|---|---|---|
| committer | Sriharsha Allenki <sallenki@codeaurora.org> | 2018-07-06 16:22:02 +0530 |
| commit | 55fece3439eec26747436d073c13b9bfa21c1f9e (patch) | |
| tree | 2c3d3ab56c8d71e38b999bc1cbbaddb43d8572d4 | |
| parent | 38a0bccad56942e30c91af116767717ce1060607 (diff) | |
hid: usbhid: Changes to prevent buffer overflow
Moved some value checks to right positions to prevent
buffer flow, which may be possible before. Previously
these value checks are in an else statement which may
not be executed.
Change-Id: I02dbecd074183581a6bdae6377097bc004bd3d3c
CRs-fixed: 1102936
Signed-off-by: Sriharsha Allenki <sallenki@codeaurora.org>
| -rw-r--r-- | drivers/hid/usbhid/hiddev.c | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/drivers/hid/usbhid/hiddev.c b/drivers/hid/usbhid/hiddev.c index 700145b15088..da8fd9580223 100644 --- a/drivers/hid/usbhid/hiddev.c +++ b/drivers/hid/usbhid/hiddev.c @@ -510,13 +510,13 @@ static noinline int hiddev_ioctl_usage(struct hiddev *hiddev, unsigned int cmd, goto inval; field = report->field[uref->field_index]; + } - if (cmd == HIDIOCGCOLLECTIONINDEX) { - if (uref->usage_index >= field->maxusage) - goto inval; - } else if (uref->usage_index >= field->report_count) + if (cmd == HIDIOCGCOLLECTIONINDEX) { + if (uref->usage_index >= field->maxusage) goto inval; - } + } else if (uref->usage_index >= field->report_count) + goto inval; if ((cmd == HIDIOCGUSAGES || cmd == HIDIOCSUSAGES) && (uref_multi->num_values > HID_MAX_MULTI_USAGES || |