mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-10-01 22:54:01 +00:00
Code Issues Releases Wiki Activity
linux-stable/drivers/staging
History
Maximilian Luz fa6bbb4894 ipu3-imgu: Fix NULL pointer dereference in imgu_subdev_set_selection() 
commit dc608edf7d upstream.

Calling v4l2_subdev_get_try_crop() and v4l2_subdev_get_try_compose()
with a subdev state of NULL leads to a NULL pointer dereference. This
can currently happen in imgu_subdev_set_selection() when the state
passed in is NULL, as this method first gets pointers to both the "try"
and "active" states and only then decides which to use.

The same issue has been addressed for imgu_subdev_get_selection() with
commit 30d03a0de650 ("ipu3-imgu: Fix NULL pointer dereference in active
selection access"). However the issue still persists in
imgu_subdev_set_selection().

Therefore, apply a similar fix as done in the aforementioned commit to
imgu_subdev_set_selection(). To keep things a bit cleaner, introduce
helper functions for "crop" and "compose" access and use them in both
imgu_subdev_set_selection() and imgu_subdev_get_selection().

Fixes: 0d346d2a6f ("media: v4l2-subdev: add subdev-wide state struct")
Cc: stable@vger.kernel.org # for v5.14 and later
Signed-off-by: Maximilian Luz <luzmaximilian@gmail.com>
Signed-off-by: Sakari Ailus <sakari.ailus@linux.intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2023-01-12 11:58:57 +01:00
..
android
axis-fifo
board
clocking-wizard
emxx_udc
fbtft
fieldbus
fwserial
gdm724x
greybus staging: greybus: audio_helper: remove unused and wrong debugfs usage 2022-10-26 12:34:34 +02:00
gs_fpgaboot
iio iio:imu:adis: Move exports into IIO_ADISLIB namespace 2022-12-31 13:14:29 +01:00
ks7010
media ipu3-imgu: Fix NULL pointer dereference in imgu_subdev_set_selection() 2023-01-12 11:58:57 +01:00
most
mt7621-dma
mt7621-dts
mt7621-pci PCI: mt7621: Add sentinel to quirks table 2022-12-31 13:14:26 +01:00
netlogic
nvec
octeon
octeon-usb
olpc_dcon
pi433
qlge
r8188eu staging: r8188eu: Add Rosewill USB-N150 Nano to device tables 2022-09-28 11:11:38 +02:00
ralink-gdma
rtl8192e staging: rtl8192e: Fix potential use-after-free in rtllib_rx_Monitor() 2022-12-31 13:14:30 +01:00
rtl8192u staging: rtl8192u: Fix use after free in ieee80211_rx() 2022-12-31 13:14:30 +01:00
rtl8712 staging: rtl8712: fix use after free bugs 2022-09-08 12:28:03 +02:00
rtl8723bs staging: rtl8723bs: fix a potential memory leak in rtw_init_cmd_priv() 2022-10-26 12:35:50 +02:00
rts5208
sm750fb
unisys
vc04_services
vme
vt6655 staging: vt6655: fix potential memory leak 2022-10-26 12:35:47 +02:00
vt6656
wfx
wlan-ng
Kconfig
Makefile