On 21/03/2021 09:50, Hans Verkuil wrote:
> Hi Arnd,
>> diff --git a/drivers/media/v4l2-core/v4l2-subdev.c
>> b/drivers/media/v4l2-core/v4l2-subdev.c
>> index 336133dbc759..9f5573d3b857 100644
>> --- a/drivers/media/v4l2-core/v4l2-subdev.c
>> +++ b/drivers/media/v4l2-core/v4l2-subdev.c
>> @@ -42
Hi Arnd,
On 18/03/2021 14:43, Arnd Bergmann wrote:
> From: Arnd Bergmann
>
> Syzbot found that passing ioctl command 0xc0505609 into a 64-bit
> kernel from a 32-bit process causes uninitialized kernel memory to
> get passed to drivers instead of the user space data:
>
> BUG: KMSAN: uninit-value
On Thu, Mar 18, 2021 at 4:00 PM Laurent Pinchart
wrote:
> On Thu, Mar 18, 2021 at 02:43:18PM +0100, Arnd Bergmann wrote:
>
> v4l2_event vs. v4l2_event32 vs. v4l2_event_time32 vs.
> v4l2_event32_time32 is a bit confusing. Do I understand correctly that
> the code below runs for the non-compat path,
Hi Arnd,
Thank you for the patch.
On Thu, Mar 18, 2021 at 02:43:18PM +0100, Arnd Bergmann wrote:
> From: Arnd Bergmann
>
> Syzbot found that passing ioctl command 0xc0505609 into a 64-bit
> kernel from a 32-bit process causes uninitialized kernel memory to
> get passed to drivers instead of the
From: Arnd Bergmann
Syzbot found that passing ioctl command 0xc0505609 into a 64-bit
kernel from a 32-bit process causes uninitialized kernel memory to
get passed to drivers instead of the user space data:
BUG: KMSAN: uninit-value in check_array_args
drivers/media/v4l2-core/v4l2-ioctl.c:3041 [i
5 matches
Mail list logo
