commit | 5ed14fbc1ae9991ea2c11c037c33451fc7957a39 | [log] [tgz] |
---|---|---|
author | Daniel Rosenberg <drosen@google.com> | Mon Mar 12 15:57:54 2018 -0700 |
committer | SecurityBot <android-nexus-securitybot@system.gserviceaccount.com> | Tue Jul 03 10:22:53 2018 -0700 |
tree | a9ebd5b501c58ade3f34f41346e5f2f4fa038314 | |
parent | f7a4c053db8272ff190792131bb681d397533111 [diff] |
ANDROID: HID: debug: check length in hid_debug_events_read() before copy_to_user() If our length is greater than the size of the buffer, we overflow the buffer Bug: 71361580 Change-Id: I113a1955a2bac83c83084d5cd28d886175673219 Signed-off-by: Daniel Rosenberg <drosen@google.com>