Git-Mirrors/DivestOS
1
0
Fork 0
mirror of https://github.com/Divested-Mobile/DivestOS-Build.git synced 2025-09-29 23:18:25 -04:00
Code Issues Projects Releases Packages Wiki Activity

Update Linux CVE patches

Browse source
This commit is contained in:
Tad 2017-10-29 22:14:37 -04:00
parent 12b63c12b7
commit 3989a1b20b
958 changed files with 21074 additions and 397 deletions
Download patch file Download diff file Expand all files Collapse all files

55
Patches/Linux_CVEs/CVE-2016-5829/ANY/0.patch Normal file
View file

@ -0,0 +1,55 @@
From af37375834fe1dd7a7a08c6042664ffc2a1a3beb Mon Sep 17 00:00:00 2001
From: Sriharsha Allenki <sallenki@codeaurora.org>
Date: Thu, 22 Dec 2016 14:57:44 +0530
Subject: hid: usbhid: Changes to prevent buffer overflow
Moved some value checks to right positions to prevent
buffer flow, which may be possible before. Previously
these value checks are in an else statement which may
not be executed.
Change-Id: I02dbecd074183581a6bdae6377097bc004bd3d3c
CRs-fixed: 1102936
Signed-off-by: Sriharsha Allenki <sallenki@codeaurora.org>
---
drivers/hid/usbhid/hiddev.c | 19 ++++++++++---------
1 file changed, 10 insertions(+), 9 deletions(-)
(limited to 'drivers/hid/usbhid/hiddev.c')
diff --git a/drivers/hid/usbhid/hiddev.c b/drivers/hid/usbhid/hiddev.c
index 2f1ddca..602f163 100644
--- a/drivers/hid/usbhid/hiddev.c
+++ b/drivers/hid/usbhid/hiddev.c
@@ -510,18 +510,19 @@ static noinline int hiddev_ioctl_usage(struct hiddev *hiddev, unsigned int cmd,
goto inval;
field = report->field[uref->field_index];
+ }
- if (cmd == HIDIOCGCOLLECTIONINDEX) {
- if (uref->usage_index >= field->maxusage)
- goto inval;
- } else if (uref->usage_index >= field->report_count)
+ if (cmd == HIDIOCGCOLLECTIONINDEX) {
+ if (uref->usage_index >= field->maxusage)
goto inval;
+ } else if (uref->usage_index >= field->report_count)
+ goto inval;
- else if ((cmd == HIDIOCGUSAGES || cmd == HIDIOCSUSAGES) &&
- (uref_multi->num_values > HID_MAX_MULTI_USAGES ||
- uref->usage_index + uref_multi->num_values > field->report_count))
- goto inval;
- }
+ else if ((cmd == HIDIOCGUSAGES || cmd == HIDIOCSUSAGES) &&
+ (uref_multi->num_values > HID_MAX_MULTI_USAGES ||
+ uref->usage_index + uref_multi->num_values >
+ field->report_count))
+ goto inval;
switch (cmd) {
case HIDIOCGUSAGE:
--
cgit v1.1