AcoSail/kernel_optimize_test
8
0
Fork 0
forked from luck/tmp_suning_uos_patched
Code Pull Requests Activity
35a44ba545
kernel_optimize_test/drivers/input
History
Arnd Bergmann f5a430c8ee Input: cyapa_gen6 - fix out-of-bounds stack access 
commit f051ae4f6c732c231046945b36234e977f8467c6 upstream.

gcc -Warray-bounds warns about a serious bug in
cyapa_pip_retrieve_data_structure:

drivers/input/mouse/cyapa_gen6.c: In function 'cyapa_pip_retrieve_data_structure.constprop':
include/linux/unaligned/access_ok.h:40:17: warning: array subscript -1 is outside array bounds of 'struct retrieve_data_struct_cmd[1]' [-Warray-bounds]
   40 |  *((__le16 *)p) = cpu_to_le16(val);
drivers/input/mouse/cyapa_gen6.c:569:13: note: while referencing 'cmd'
  569 |  } __packed cmd;
      |             ^~~

Apparently the '-2' was added to the pointer instead of the value,
writing garbage into the stack next to this variable.

Fixes: c2c06c41f7 ("Input: cyapa - add gen6 device module support")
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Link: https://lore.kernel.org/r/20201026161332.3708389-1-arnd@kernel.org
Cc: stable@vger.kernel.org
Signed-off-by: Dmitry Torokhov <dmitry.torokhov@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2020-12-30 11:54:05 +01:00
..
gameport treewide: replace '---help---' in Kconfig files with 'help' 2020-06-14 01:57:21 +09:00
joystick Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input 2020-12-05 16:16:34 -08:00
keyboard Input: omap4-keypad - fix runtime PM error handling 2020-12-30 11:53:19 +01:00
misc Input: cm109 - do not stomp on control URB 2020-12-11 13:17:36 -08:00
mouse Input: cyapa_gen6 - fix out-of-bounds stack access 2020-12-30 11:54:05 +01:00
rmi4 Input: synaptics-rmi4 - support bootloader v8 in f34v7 2020-10-04 19:51:45 -07:00
serio Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input 2020-12-12 09:41:33 -08:00
tablet treewide: Use fallthrough pseudo-keyword 2020-08-23 17:36:59 -05:00
touchscreen Input: ads7846 - fix unaligned access on 7845 2020-12-30 11:53:14 +01:00
apm-power.c
evbug.c
evdev.c Input: evdev - per-client waitgroups 2020-10-06 18:34:15 -07:00
ff-core.c
ff-memless.c
input-compat.c
input-compat.h
input-leds.c
input-mt.c Input: MT - avoid comma separated statements 2020-08-25 10:26:05 -07:00
input-polldev.c
input-poller.c
input-poller.h
input.c
joydev.c
Kconfig
Makefile
matrix-keymap.c
mousedev.c
sparse-keymap.c Input: Use fallthrough pseudo-keyword 2020-07-07 11:25:54 -07:00