diff options
author | Ravi Kumar Siddojigari <rsiddoji@codeaurora.org> | 2016-09-20 14:27:36 +0530 |
---|---|---|
committer | Shantanu Jain <shjain@codeaurora.org> | 2016-10-03 17:27:52 +0530 |
commit | dab813eaa571e2784647e6732a04e34577dab427 (patch) | |
tree | af4cfdaa9dc75ccee5b4ff73aff4e5d4cb77a931 /arch/mips/pci | |
parent | e4e58248efa8d03b39982c26566d846e2baa2687 (diff) |
input: synaptics_dsx: allocate heap memory for temp buf
There is a possible stack overflow vulnerability in the rmidev_write
function because the stack array size is from user space.
changes to allocate heap memory for the temporary buffer instead of
stack memory to prevent the stack overflow vulnerability.
As discussed under CVE-2016-3865 and ANDROID-28799389.
Change-Id: I20f639e09aaf3c533c98a12a2413570feae3d6d0
Signed-off-by: Ravi Kumar Siddojigari <rsiddoji@codeaurora.org>
Signed-off-by: Shantanu Jain <shjain@codeaurora.org>
Diffstat (limited to 'arch/mips/pci')
0 files changed, 0 insertions, 0 deletions