redonkable
/
alistair23-linux
1
0
Fork 0
Code Releases Activity
alistair23-linux/drivers/media/v4l2-core
History
Dafna Hirschfeld 5f80d17c51 media: v4l2-core: fix a use-after-free bug of sd->devnode 
commit 6990570f7e upstream.

sd->devnode is released after calling
v4l2_subdev_release. Therefore it should be set
to NULL so that the subdev won't hold a pointer
to a released object. This fixes a reference
after free bug in function
v4l2_device_unregister_subdev

Fixes: 0e43734d4c ("media: v4l2-subdev: add release() internal op")

Cc: stable@vger.kernel.org
Signed-off-by: Dafna Hirschfeld <dafna.hirschfeld@collabora.com>
Reviewed-by: Ezequiel Garcia <ezequiel@collabora.com>
Signed-off-by: Hans Verkuil <hverkuil-cisco@xs4all.nl>
Signed-off-by: Mauro Carvalho Chehab <mchehab+huawei@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 		2020-04-01 11:02:18 +02:00
..
Kconfig media: v4l2-core: move i2c helpers out of v4l2-common.c 2019-08-26 10:50:48 -03:00
Makefile media: v4l2-core: move i2c helpers out of v4l2-common.c 2019-08-26 10:50:48 -03:00
tuner-core.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
v4l2-async.c media: v4l2-async: Safely clean up an uninitialised notifier 2019-07-25 11:00:06 -04:00
v4l2-clk.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
v4l2-common.c media: v4l2-core: move i2c helpers out of v4l2-common.c 2019-08-26 10:50:48 -03:00
v4l2-compat-ioctl32.c media: v4l2-core: compat: ignore native command codes 2020-02-11 04:35:14 -08:00
v4l2-ctrls.c media: v4l2-ctrl: Lock main_hdl on operations of requests_queued. 2019-12-31 16:45:14 +01:00
v4l2-dev.c media: v4l2-core: Module re-organization 2019-08-26 10:48:15 -03:00
v4l2-device.c media: v4l2-core: fix a use-after-free bug of sd->devnode 2020-04-01 11:02:18 +02:00
v4l2-dv-timings.c media: hdmi.h: rename ADOBE_RGB to OPRGB and ADOBE_YCC to OPYCC 2018-09-24 09:28:41 -04:00
v4l2-event.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 174 2019-05-30 11:26:41 -07:00
v4l2-fh.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 174 2019-05-30 11:26:41 -07:00
v4l2-flash-led-class.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
v4l2-fwnode.c media: v4l2-async: Get fwnode reference when putting it to the notifier's list 2019-07-25 08:01:43 -04:00
v4l2-i2c.c v4l2-core: fix coding style for the two new c files 2019-08-26 11:01:25 -03:00
v4l2-ioctl.c media: v4l2-ioctl.c: zero reserved fields for S/TRY_FMT 2020-01-29 16:45:33 +01:00
v4l2-mc.c media: v4l2-mc: add print messages when media graph fails 2018-09-17 13:16:19 -04:00
v4l2-mem2mem.c media: v4l2-mem2mem.c: fix broken links 2020-03-12 13:00:21 +01:00
v4l2-spi.c v4l2-core: fix coding style for the two new c files 2019-08-26 11:01:25 -03:00
v4l2-subdev.c media: v4l: ctrls: Add debug messages 2019-07-25 06:26:49 -04:00
v4l2-trace.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
videobuf-core.c media: videobuf-core.c: poll_wait needs a non-NULL buf pointer 2019-09-05 06:26:57 -03:00
videobuf-dma-contig.c media/v4l2-core: untag user pointers in videobuf_dma_contig_user_get 2019-09-25 17:51:41 -07:00
videobuf-dma-sg.c media/v4l2-core: set pages dirty upon releasing DMA buffers 2020-02-11 04:35:13 -08:00
videobuf-vmalloc.c media updates for v5.3-rc1 2019-07-09 09:47:22 -07:00