iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/drivers/gpu/drm/savage
History
Xi Wang 6587eb8261 drm/savage: fix integer overflows in savage_bci_cmdbuf() 
Since cmdbuf->size and cmdbuf->nbox are from userspace, a large value
would overflow the allocation size, leading to out-of-bounds access.

Signed-off-by: Xi Wang <xi.wang@gmail.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
2012-04-10 10:22:51 +01:00
..
Makefile
drm: reorganise drm tree to be more future proof.
2008-07-14 10:45:01 +10:00
savage_bci.c
savage: remove unnecessary if statement
2011-06-14 09:29:12 +10:00
savage_drv.c
drm: Make the per-driver file_operations struct const
2011-11-11 11:14:47 +00:00
savage_drv.h
drm: reorganise drm tree to be more future proof.
2008-07-14 10:45:01 +10:00
savage_state.c
drm/savage: fix integer overflows in savage_bci_cmdbuf()
2012-04-10 10:22:51 +01:00