android/android_kernel_cmhtcleo
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

msm: kgsl: fix size checking in adreno_find_region

Browse Source 
This function is supposed to return the memdesc that
contains the range gpuaddr to gpuaddr + size. One of the
lookups was using sizeof(unsigned int) instead of size,
which could cause false positive results from this function
and possibly kernel panics in the snapshot or postmortem
code, which rely on it to do bounds checking for them.
This commit is contained in:
securecrt 2012-06-20 12:39:35 +08:00
parent fd5e7d8237
commit 73aff24078
1 changed files with 1 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
drivers/gpu/msm/adreno.c
View File

@ -945,8 +945,7 @@ const struct kgsl_memdesc *adreno_find_region(struct kgsl_device *device,
if (!kgsl_mmu_pt_equal(priv->pagetable, pt_base))
continue;
spin_lock(&priv->mem_lock);
entry = kgsl_sharedmem_find_region(priv, gpuaddr,
sizeof(unsigned int));
entry = kgsl_sharedmem_find_region(priv, gpuaddr, size);
if (entry) {
result = &entry->memdesc;
spin_unlock(&priv->mem_lock);