FROMGIT: media: venus: hfi: add a check to handle OOB in sfr region
sfr->buf_size is in shared memory and can be modified by malicious user. OOB write is possible when the size is made higher than actual sfr data buffer. Cap the size to allocated size for such cases. Cc: stable@vger.kernel.org Fixes: d96d3f30 ("[media] media: venus: hfi: add Venus HFI files") Reviewed-by:Bryan O'Donoghue <bryan.odonoghue@linaro.org> CRs-Fixed: 3947576 Change-Id: I483a5feff3dfa35dae8f444e57601d2d1d85246f Git-commit: f4b21171 Git-repo: https://gitlab.freedesktop.org/linux-media/media-committers.git Signed-off-by:
Vikash Garodia <quic_vgarodia@quicinc.com>
Loading
Please sign in to comment