system/linux
system/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux synced 2024-10-19 17:58:44 +00:00
Code Issues Packages Projects Releases Wiki Activity
linux/drivers/media
History
Laura Abbott 47810b4341 [media] si2168: Bounds check firmware 
When reading the firmware and sending commands, the length must
be bounds checked to avoid overrunning the size of the command
buffer and smashing the stack if the firmware is not in the expected
format:

si2168 11-0064: found a 'Silicon Labs Si2168-B40'
si2168 11-0064: downloading firmware from file 'dvb-demod-si2168-b40-01.fw'
si2168 11-0064: firmware download failed -95
Kernel panic - not syncing: stack-protector: Kernel stack is corrupted in: ffffffffa085708f

Add the proper check.

Cc: stable@kernel.org
Reported-by: Stuart Auchterlonie <sauchter@redhat.com>
Reviewed-by: Antti Palosaari <crope@iki.fi>
Signed-off-by: Laura Abbott <labbott@fedoraproject.org>
Signed-off-by: Mauro Carvalho Chehab <mchehab@osg.samsung.com>
2015-10-22 15:48:25 -02:00
..
common [media] saa7146: use swap() in sort_and_eliminate() 2015-07-06 08:25:49 -03:00
dvb-core [media] dvbdev: document most of the functions/data structs 2015-08-22 19:39:38 -03:00
dvb-frontends [media] si2168: Bounds check firmware 2015-10-22 15:48:25 -02:00
firewire [media] dvb: Get rid of typedev usage for enums 2015-06-09 17:47:35 -03:00
i2c media updates for v4.3-rc1 2015-09-05 18:21:14 -07:00
mmc [media] siano: register media controller earlier 2015-02-26 09:10:39 -03:00
pci media updates for v4.3-rc1 2015-09-05 18:21:14 -07:00
platform [media] c8sectpfe: fix return of garbage 2015-10-22 15:48:24 -02:00
radio [media] radio: Drop owner assignment from i2c_driver 2015-08-11 13:01:08 -03:00
rc [media] ir-hix5hd2: drop the use of IRQF_NO_SUSPEND 2015-10-22 15:48:24 -02:00
tuners [media] si2157: Bounds check firmware 2015-10-22 15:48:25 -02:00
usb [media] cx231xx: Use wake_up_interruptible() instead of wake_up_interruptible_nr() 2015-09-03 13:50:52 -03:00
v4l2-core media updates for v4.3-rc1 2015-09-11 16:42:39 -07:00
Kconfig media updates for v4.2-rc1 2015-06-25 17:55:48 -07:00
Makefile
media-device.c
media-devnode.c
media-entity.c [media] media: Correctly notify about the failed pipeline validation 2015-08-16 13:20:15 -03:00