media: dvb-usb: digitv: fix null-ptr-deref in digitv_i2c_xfer() - blaster4385/linux-IllusionX - Linux kernel with personal config changes for arch linux

diff options

author	Wei Chen <[email protected]>	2023-03-13 09:50:08 +0000
committer	Mauro Carvalho Chehab <[email protected]>	2023-05-14 06:30:06 +0100
commit	9ded5bd2a49ce3015b7c936743eec0a0e6e11f0c (patch)
tree	fee0471a252bb8933743cea07d4111c8a25085f7 /tools/testing/selftests/bpf/prog_tests/prog_array_init.c
parent	aa4a447b81b84f69c1a89ad899df157f386d7636 (diff)

media: dvb-usb: digitv: fix null-ptr-deref in digitv_i2c_xfer()

In digitv_i2c_xfer, msg is controlled by user. When msg[i].buf is null and msg[i].len is zero, former checks on msg[i].buf would be passed. Malicious data finally reach digitv_i2c_xfer. If accessing msg[i].buf[0] without sanity check, null ptr deref would happen. We add check on msg[i].len to prevent crash. Similar commit: commit 0ed554fd769a ("media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()") Link: https://lore.kernel.org/linux-media/[email protected] Signed-off-by: Wei Chen <[email protected]> Signed-off-by: Mauro Carvalho Chehab <[email protected]>

Diffstat (limited to 'tools/testing/selftests/bpf/prog_tests/prog_array_init.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: