Re: [PATCH 4/4] venus: hfi_parser: Add check to keep the number of codecs within range

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 27.07.2023 06:34, Vikash Garodia wrote:
> Supported codec bitmask is populated from the payload from venus firmware.
> There is a possible case when all the bits in the codec bitmask is set. In
> such case, core cap for decoder is filled  and MAX_CODEC_NUM is utilized.
> Now while filling the caps for encoder, it can lead to access the caps
> array beyong 32 index. Hence leading to OOB write.
> The fix counts the supported encoder and decoder. If the count is more than
> max, then it skips accessing the caps.
> 
> Cc: stable@xxxxxxxxxxxxxxx
> Fixes: 1a73374a04e5 ("media: venus: hfi_parser: add common capability parser")
> Signed-off-by: Vikash Garodia <quic_vgarodia@xxxxxxxxxxx>
> ---
>  drivers/media/platform/qcom/venus/hfi_parser.c | 15 +++++++++++++++
>  1 file changed, 15 insertions(+)
> 
> diff --git a/drivers/media/platform/qcom/venus/hfi_parser.c b/drivers/media/platform/qcom/venus/hfi_parser.c
> index ec73cac..651e215 100644
> --- a/drivers/media/platform/qcom/venus/hfi_parser.c
> +++ b/drivers/media/platform/qcom/venus/hfi_parser.c
> @@ -14,11 +14,26 @@
>  typedef void (*func)(struct hfi_plat_caps *cap, const void *data,
>  		     unsigned int size);
>  
> +static int count_setbits(u32 input)
hweight_long()?

Konrad



[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [Linux for Sparc]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux