redonkable
/
alistair23-linux
1
0
Fork 0
Code Releases Activity
alistair23-linux/drivers/input
History
Arnd Bergmann 8f827adb9b Input: cyapa_gen6 - fix out-of-bounds stack access 
commit f051ae4f6c upstream.

gcc -Warray-bounds warns about a serious bug in
cyapa_pip_retrieve_data_structure:

drivers/input/mouse/cyapa_gen6.c: In function 'cyapa_pip_retrieve_data_structure.constprop':
include/linux/unaligned/access_ok.h:40:17: warning: array subscript -1 is outside array bounds of 'struct retrieve_data_struct_cmd[1]' [-Warray-bounds]
   40 |  *((__le16 *)p) = cpu_to_le16(val);
drivers/input/mouse/cyapa_gen6.c:569:13: note: while referencing 'cmd'
  569 |  } __packed cmd;
      |             ^~~

Apparently the '-2' was added to the pointer instead of the value,
writing garbage into the stack next to this variable.

Fixes: c2c06c41f7 ("Input: cyapa - add gen6 device module support")
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Link: https://lore.kernel.org/r/20201026161332.3708389-1-arnd@kernel.org
Cc: stable@vger.kernel.org
Signed-off-by: Dmitry Torokhov <dmitry.torokhov@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 		2020-12-30 11:51:32 +01:00
..
gameport treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
joystick Input: xpad - support Ardwiino Controllers 2020-12-08 10:40:27 +01:00
keyboard Input: cros_ec_keyb - send 'scancodes' in addition to key events 2020-12-30 11:51:30 +01:00
misc Input: cm109 - do not stomp on control URB 2020-12-16 10:56:57 +01:00
mouse Input: cyapa_gen6 - fix out-of-bounds stack access 2020-12-30 11:51:32 +01:00
rmi4 Input: synaptics-rmi4 - fix error return code in rmi_driver_probe() 2020-06-03 08:21:17 +02:00
serio Input: i8042 - add Acer laptops to the i8042 reset list 2020-12-16 10:56:57 +01:00
tablet Input: pegasus_notetaker - fix endpoint sanity check 2020-01-29 16:45:29 +01:00
touchscreen Input: goodix - add upside-down quirk for Teclast X98 Pro tablet 2020-12-30 11:51:30 +01:00
Kconfig treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
Makefile Input: add support for polling to input devices 2019-08-20 12:04:07 -07:00
apm-power.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
evbug.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
evdev.c Input: evdev - call input_flush_device() on release(), not flush() 2020-06-03 08:21:16 +02:00
ff-core.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
ff-memless.c Input: ff-memless - kill timer in destroy() 2019-11-15 11:45:03 -08:00
input-compat.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
input-compat.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
input-leds.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
input-mt.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
input-polldev.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
input-poller.c Input: add support for polling to input devices 2019-08-20 12:04:07 -07:00
input-poller.h Input: add support for polling to input devices 2019-08-20 12:04:07 -07:00
input.c Input: fix stale timestamp on key autorepeat events 2020-04-01 11:01:57 +02:00
joydev.c Linux 5.2 2019-07-15 09:42:32 -07:00
matrix-keymap.c Input: matrix-keymap - switch to use device_property_count_u32() 2019-08-12 00:03:13 -07:00
mousedev.c *: convert stream-like files -> stream_open, even if they use noop_llseek 2019-07-14 16:09:19 +03:00
sparse-keymap.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00