mirror of
https://github.com/Divested-Mobile/DivestOS-Build.git
synced 2024-10-01 01:35:54 -04:00
81 lines
2.7 KiB
Diff
81 lines
2.7 KiB
Diff
From a604e6f3889ccc343857532b63dea27603381816 Mon Sep 17 00:00:00 2001
|
|
From: Zhen Kong <zkong@codeaurora.org>
|
|
Date: Tue, 31 Jan 2017 12:07:10 -0800
|
|
Subject: crypto: msm: check length before copying to buf in _debug_stats_read
|
|
|
|
Make sure that `len` is not larger than `count` before copying data
|
|
to userspace `buf` in _debug_stats_read().
|
|
|
|
Change-Id: Iafb7cfa3828653f8c28183c812797c3d9a183da1
|
|
Signed-off-by: Zhen Kong <zkong@codeaurora.org>
|
|
---
|
|
drivers/crypto/msm/ota_crypto.c | 6 +++---
|
|
drivers/crypto/msm/qcedev.c | 4 ++--
|
|
drivers/crypto/msm/qcrypto.c | 6 +++---
|
|
3 files changed, 8 insertions(+), 8 deletions(-)
|
|
|
|
diff --git a/drivers/crypto/msm/ota_crypto.c b/drivers/crypto/msm/ota_crypto.c
|
|
index 8aa0d04..416623f 100644
|
|
--- a/drivers/crypto/msm/ota_crypto.c
|
|
+++ b/drivers/crypto/msm/ota_crypto.c
|
|
@@ -1,4 +1,4 @@
|
|
-/* Copyright (c) 2010-2016, The Linux Foundation. All rights reserved.
|
|
+/* Copyright (c) 2010-2017, The Linux Foundation. All rights reserved.
|
|
*
|
|
* This program is free software; you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License version 2 and
|
|
@@ -884,8 +884,8 @@ static ssize_t _debug_stats_read(struct file *file, char __user *buf,
|
|
int len;
|
|
|
|
len = _disp_stats();
|
|
-
|
|
- rc = simple_read_from_buffer((void __user *) buf, len,
|
|
+ if (len <= count)
|
|
+ rc = simple_read_from_buffer((void __user *) buf, len,
|
|
ppos, (void *) _debug_read_buf, len);
|
|
|
|
return rc;
|
|
diff --git a/drivers/crypto/msm/qcedev.c b/drivers/crypto/msm/qcedev.c
|
|
index a629c62..5ce87a6e 100644
|
|
--- a/drivers/crypto/msm/qcedev.c
|
|
+++ b/drivers/crypto/msm/qcedev.c
|
|
@@ -1987,9 +1987,9 @@ static ssize_t _debug_stats_read(struct file *file, char __user *buf,
|
|
|
|
len = _disp_stats(qcedev);
|
|
|
|
- rc = simple_read_from_buffer((void __user *) buf, len,
|
|
+ if (len <= count)
|
|
+ rc = simple_read_from_buffer((void __user *) buf, len,
|
|
ppos, (void *) _debug_read_buf, len);
|
|
-
|
|
return rc;
|
|
}
|
|
|
|
diff --git a/drivers/crypto/msm/qcrypto.c b/drivers/crypto/msm/qcrypto.c
|
|
index 3324c9d..dd4443f 100644
|
|
--- a/drivers/crypto/msm/qcrypto.c
|
|
+++ b/drivers/crypto/msm/qcrypto.c
|
|
@@ -1,6 +1,6 @@
|
|
/* Qualcomm Crypto driver
|
|
*
|
|
- * Copyright (c) 2010-2016, The Linux Foundation. All rights reserved.
|
|
+ * Copyright (c) 2010-2017, The Linux Foundation. All rights reserved.
|
|
*
|
|
* This program is free software; you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License version 2 and
|
|
@@ -5742,9 +5742,9 @@ static ssize_t _debug_stats_read(struct file *file, char __user *buf,
|
|
|
|
len = _disp_stats(qcrypto);
|
|
|
|
- rc = simple_read_from_buffer((void __user *) buf, len,
|
|
+ if (len <= count)
|
|
+ rc = simple_read_from_buffer((void __user *) buf, len,
|
|
ppos, (void *) _debug_read_buf, len);
|
|
-
|
|
return rc;
|
|
}
|
|
|
|
--
|
|
cgit v1.1
|
|
|