iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
6f2f49ae4c
linux/drivers/media/platform/exynos4-is
History
Lv Yunlong 01fe904c9a media: exynos4-is: Fix a use after free in isp_video_release 
In isp_video_release, file->private_data is freed via
_vb2_fop_release()->v4l2_fh_release(). But the freed
file->private_data is still used in v4l2_fh_is_singular_file()
->v4l2_fh_is_singular(file->private_data), which is a use
after free bug.

My patch uses a variable 'is_singular_file' to avoid the uaf.
v3: https://lore.kernel.org/patchwork/patch/1419058/

Fixes: 34947b8aeb ("[media] exynos4-is: Add the FIMC-IS ISP capture DMA driver")
Signed-off-by: Lv Yunlong <lyl2019@mail.ustc.edu.cn>
Signed-off-by: Hans Verkuil <hverkuil-cisco@xs4all.nl>
Signed-off-by: Mauro Carvalho Chehab <mchehab+huawei@kernel.org>
2021-06-02 13:17:24 +02:00
..
common.c
common.h
fimc-capture.c media: exynos4-is: fix pm_runtime_get_sync() usage count 2021-05-10 11:36:34 +02:00
fimc-core.c media: platform: exynos4-is: remove all references to physical addresses 2020-12-03 07:49:16 +01:00
fimc-core.h media: exynos4-is: fix kernel-doc warnings 2021-04-06 10:29:08 +02:00
fimc-is-command.h
fimc-is-errno.c
fimc-is-errno.h
fimc-is-i2c.c
fimc-is-i2c.h
fimc-is-param.c
fimc-is-param.h
fimc-is-regs.c
fimc-is-regs.h
fimc-is-sensor.c
fimc-is-sensor.h
fimc-is.c media: exynos4-is: fix pm_runtime_get_sync() usage count 2021-05-10 11:36:34 +02:00
fimc-is.h media: exynos4-is: Fix kernel-doc entries in fimc-is.h 2021-04-06 19:35:48 +02:00
fimc-isp-video.c media: exynos4-is: Fix a use after free in isp_video_release 2021-06-02 13:17:24 +02:00
fimc-isp-video.h
fimc-isp.c media: exynos4-is: fix pm_runtime_get_sync() usage count 2021-05-10 11:36:34 +02:00
fimc-isp.h media: exynos4-is: fix kernel-doc warnings 2021-04-06 10:29:08 +02:00
fimc-lite-reg.c media: platform: exynos4-is: remove all references to physical addresses 2020-12-03 07:49:16 +01:00
fimc-lite-reg.h
fimc-lite.c media: exynos4-is: fix pm_runtime_get_sync() usage count 2021-05-10 11:36:34 +02:00
fimc-lite.h media: exynos4-is: fix kernel-doc warnings 2021-04-06 10:29:08 +02:00
fimc-m2m.c media: exynos4-is: fix pm_runtime_get_sync() usage count 2021-05-10 11:36:34 +02:00
fimc-reg.c media: platform: exynos4-is: remove all references to physical addresses 2020-12-03 07:49:16 +01:00
fimc-reg.h media: exynos4-is: fix kernel-doc warnings 2021-04-06 10:29:08 +02:00
Kconfig media: Kconfig files: use select for V4L2 subdevs and MC 2020-04-14 10:29:05 +02:00
Makefile
media-dev.c media: exynos4-is: remove a now unused integer 2021-05-11 17:03:21 +02:00
media-dev.h media: exynos4-is: fix kernel-doc warnings 2021-04-06 10:29:08 +02:00
mipi-csis.c media: exynos4-is: fix pm_runtime_get_sync() usage count 2021-05-10 11:36:34 +02:00
mipi-csis.h