git.openpandora.org / pandora-kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: f2e323e) | patch
[media] firewire: firedtv-avc: potential buffer overflow
authorDan Carpenter <dan.carpenter@oracle.com>
Mon, 8 Sep 2014 11:18:43 +0000 (08:18 -0300)
committerMauro Carvalho Chehab <mchehab@osg.samsung.com>
Tue, 23 Sep 2014 19:13:37 +0000 (16:13 -0300)
commit3011e5e592a2d31556cc3eff335a1ecccd473fa0
tree7285f69453ed9f0822019e42afb3ef10fe39c8c8tree | snapshot
parentf2e323ec96077642d397bb1c355def536d489d16commit | diff
[media] firewire: firedtv-avc: potential buffer overflow

"program_info_length" is user controlled and can go up to 4095.  The
operand[] array has 509 bytes so we need to add a limit here to prevent
buffer overflows.

Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Reviewed-by: Stefan Richter <stefanr@s5r6.in-berlin.de>
Signed-off-by: Mauro Carvalho Chehab <mchehab@osg.samsung.com>
drivers/media/firewire/firedtv-avc.c diff | blob | history
Pandora Kernel Repository