On Mon, 24 Aug 2020, Dan Carpenter wrote:
> This code doesn't check if "settings->startup_profile" is within bounds
> and that could result in an out of bounds array access. What the code
> does do is it checks if the settings can be written to the firmware, so
> it's possible that the firmware has a bounds check? It's safer and
> easier to verify when the bounds checking is done in the kernel.
>
> Fixes: 14bf62cde794 ("HID: add driver for Roccat Kone gaming mouse")
> Signed-off-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
> ---
> v2: In the v1 patch I added a check against settings->size but that's
> potentially too strict so it was removed.
Applied, thanks Dan.
--
Jiri Kosina
SUSE Labs
