OpenCloudOS-Kernel/drivers/hid/i2c-hid
Adrian Salido 8320caeeff HID: i2c-hid: allocate hid buffers for real worst case
The buffer allocation is not currently accounting for an extra byte for
the report id. This can cause an out of bounds access in function
i2c_hid_set_or_send_report() with reportID > 15.

Cc: stable@vger.kernel.org
Signed-off-by: Adrian Salido <salidoa@google.com>
Reviewed-by: Benson Leung <bleung@chromium.org>
Signed-off-by: Guenter Roeck <groeck@chromium.org>
Signed-off-by: Dmitry Torokhov <dmitry.torokhov@gmail.com>
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
2017-09-13 18:16:40 +02:00
..
Kconfig HID: i2c-hid: enhance Kconfig 2012-12-05 10:55:03 +01:00
Makefile HID: i2c-hid: introduce HID over i2c specification implementation 2012-11-19 11:04:38 +01:00
i2c-hid.c HID: i2c-hid: allocate hid buffers for real worst case 2017-09-13 18:16:40 +02:00