HID: core: Sanitize event code and type when mapping input
When calling into hid_map_usage(), the passed event code is blindly stored as is, even if it doesn't fit in the associated bitmap. This event code can come from a variety of sources, including devices masquerading as input devices, only a bit more "programmable". Instead of taking the event code at face value, check that it actually fits the corresponding bitmap, and if it doesn't: - spit out a warning so that we know which device is acting up - NULLify the bitmap pointer so that we catch unexpected uses Code paths that can make use of untrusted inputs can now check that the mapping was indeed correct and bail out if not. Cc: stable@vger.kernel.org Signed-off-by:Marc Zyngier <maz@kernel.org> Signed-off-by:
Benjamin Tissoires <benjamin.tissoires@gmail.com>
Loading
-
mentioned in commit 42d442fc
-
mentioned in commit 9049e8ad
-
mentioned in commit e03a6ca9
-
mentioned in commit 1b876b24
-
mentioned in commit 7ece284a
-
mentioned in commit 7c75f06e
-
mentioned in commit 6088eda0
-
mentioned in commit f0527c46
-
mentioned in commit 28c01e5e
-
mentioned in commit 6e398c28
-
mentioned in commit 44e6b64f
-
mentioned in commit d8bdae60
Please sign in to comment