Re: [PATCH] media: vb2: add length check for mmap

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




On 4/12/2013 5:57 AM, Seung-Woo Kim wrote:
The length of mmap() can be bigger than length of vb2 buffer, so
it should be checked.

Signed-off-by: Seung-Woo Kim <sw0312.kim@xxxxxxxxxxx>

Acked-by: Marek Szyprowski <m.szyprowski@xxxxxxxxxxx>

---
  drivers/media/v4l2-core/videobuf2-core.c |    5 +++++
  1 files changed, 5 insertions(+), 0 deletions(-)

diff --git a/drivers/media/v4l2-core/videobuf2-core.c b/drivers/media/v4l2-core/videobuf2-core.c
index db1235d..2c6ff2d 100644
--- a/drivers/media/v4l2-core/videobuf2-core.c
+++ b/drivers/media/v4l2-core/videobuf2-core.c
@@ -1886,6 +1886,11 @@ int vb2_mmap(struct vb2_queue *q, struct vm_area_struct *vma)
vb = q->bufs[buffer]; + if (vb->v4l2_planes[plane].length < (vma->vm_end - vma->vm_start)) {
+		dprintk(1, "Invalid length\n");
+		return -EINVAL;
+	}
+
  	ret = call_memop(q, mmap, vb->planes[plane].mem_priv, vma);
  	if (ret)
  		return ret;

Best regards
--
Marek Szyprowski
Samsung Poland R&D Center


--
To unsubscribe from this list: send the line "unsubscribe linux-media" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




[Index of Archives]     [Linux Input]     [Video for Linux]     [Gstreamer Embedded]     [Mplayer Users]     [Linux USB Devel]     [Linux Audio Users]     [Linux Kernel]     [Linux SCSI]     [Yosemite Backpacking]
  Powered by Linux