On 4/13/20 10:24 AM, Nuno Sá wrote:
[...]
+static irqreturn_t adis16475_trigger_handler(int irq, void *p)
+{
[...]
+ __be16 data[ADIS16475_MAX_SCAN_DATA], *buffer;
[...]
+
+ iio_push_to_buffers_with_timestamp(indio_dev, data, pf->timestamp);
If the timestamp is enabled the IIO core might insert padding between
the data channels and the timestamp. If that happens this will disclose
kernel stack memory to userspace.
This needs either a memset(data, 0x00, sizeof(data)) or maybe put data
into the state struct and kzalloc it.
- Lars
