OpenE2K/linux
6
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
71921690f9
linux/drivers/android
History
Todd Kjos 1698174271 binder: fix incorrect calculation for num_valid 
For BINDER_TYPE_PTR and BINDER_TYPE_FDA transactions, the
num_valid local was calculated incorrectly causing the
range check in binder_validate_ptr() to miss out-of-bounds
offsets.

Fixes: bde4a19fc0 ("binder: use userspace pointer as base of buffer space")
Signed-off-by: Todd Kjos <tkjos@google.com>
Cc: stable <stable@vger.kernel.org>
Link: https://lore.kernel.org/r/20191213202531.55010-1-tkjos@google.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2019-12-14 09:10:47 +01:00
..
binder_alloc_selftest.c
binder_alloc.c binder: Handle start==NULL in binder_update_page_range() 2019-11-14 11:44:47 +08:00
binder_alloc.h
binder_internal.h binder: prevent UAF read in print_binder_transaction_log_entry() 2019-10-10 14:39:22 +02:00
binder_trace.h
binder.c binder: fix incorrect calculation for num_valid 2019-12-14 09:10:47 +01:00
binderfs.c binder: Add binder_proc logging to binderfs 2019-09-04 13:31:26 +02:00
Kconfig
Makefile