[PATCH 2/4] staging: atomisp: Fix atomisp_overlay32 compat handling

Sakari Ailus <sakari.ailus@xxxxxxxxxxxxxxx> · Thu, 4 Jun 2020 19:16:19 +0300

The struct atomisp_overlay contains overlay_start_x and overlay_start_y
fields. Instead of copying the value of the overlay_start_x field between
the two structs, the value of the overlay_start_y field of the compat
struct was copied to the overlay_start_x field of the 64-bit kernel struct
in get operation and back in put. The overlay_start_x field value was not
copied from or to the user space struct.

Fix this so that the value of overlay_start_x is copied to overlay_start_x
and the value of overlay_start_y is copied to overlay_start_y.

Also do copy blend_overlay_perc_u field only once.

Signed-off-by: Sakari Ailus <sakari.ailus@xxxxxxxxxxxxxxx>
---
 drivers/staging/media/atomisp/pci/atomisp_compat_ioctl32.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/drivers/staging/media/atomisp/pci/atomisp_compat_ioctl32.c b/drivers/staging/media/atomisp/pci/atomisp_compat_ioctl32.c
index 3079043f1fac0..1853d907260db 100644
--- a/drivers/staging/media/atomisp/pci/atomisp_compat_ioctl32.c
+++ b/drivers/staging/media/atomisp/pci/atomisp_compat_ioctl32.c
@@ -399,7 +399,8 @@ static int get_atomisp_overlay32(struct atomisp_overlay *kp,
 	    get_user(kp->blend_overlay_perc_u, &up->blend_overlay_perc_u) ||
 	    get_user(kp->blend_overlay_perc_v, &up->blend_overlay_perc_v) ||
 	    get_user(kp->blend_overlay_perc_u, &up->blend_overlay_perc_u) ||
-	    get_user(kp->overlay_start_x, &up->overlay_start_y))
+	    get_user(kp->overlay_start_x, &up->overlay_start_x) ||
+	    get_user(kp->overlay_start_y, &up->overlay_start_y))
 		return -EFAULT;
 
 	kp->frame = (void __force *)compat_ptr(frame);
@@ -423,7 +424,8 @@ static int put_atomisp_overlay32(struct atomisp_overlay *kp,
 	    put_user(kp->blend_overlay_perc_u, &up->blend_overlay_perc_u) ||
 	    put_user(kp->blend_overlay_perc_v, &up->blend_overlay_perc_v) ||
 	    put_user(kp->blend_overlay_perc_u, &up->blend_overlay_perc_u) ||
-	    put_user(kp->overlay_start_x, &up->overlay_start_y))
+	    put_user(kp->overlay_start_x, &up->overlay_start_x)
+	    put_user(kp->overlay_start_y, &up->overlay_start_y))
 		return -EFAULT;
 
 	return 0;
-- 
2.20.1







