UbiquitousOS
/
anolis-cloud-kernel
mirror of https://gitee.com/anolis/cloud-kernel.git
11
0
Fork 0
Code Issues Projects Releases Wiki Activity
anolis-cloud-kernel/drivers/input
History
Dmitry Torokhov 99ebde4a57 Input: add safety guards to input_set_keycode() 
OpenAnolis Bug Tracker: 0000534

commit cb222aed03 upstream.

If we happen to have a garbage in input device's keycode table with values
too big we'll end up doing clear_bit() with offset way outside of our
bitmaps, damaging other objects within an input device or even outside of
it. Let's add sanity checks to the returned old keycodes.

Reported-by: syzbot+c769968809f9359b07aa@syzkaller.appspotmail.com
Reported-by: syzbot+76f3a30e88d256644c78@syzkaller.appspotmail.com
Link: https://lore.kernel.org/r/20191207212757.GA245964@dtor-ws
Signed-off-by: Dmitry Torokhov <dmitry.torokhov@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

Fixes: CVE-2019-20636
Signed-off-by: Shile Zhang <shile.zhang@linux.alibaba.com>
Acked-by: Joseph Qi <joseph.qi@linux.alibaba.com>
Acked-by: Artie Ding <artie.ding@linux.alibaba.com>
Acked-by: XuanZhuo <xuanzhuo@linux.alibaba.com>
 		2021-11-22 17:07:03 +08:00
..
gameport Input: stop telling users to snail-mail Vojtech 2018-07-26 17:04:37 -07:00
joystick Input: Fix memory leak in psxpad_spi_probe 2019-12-13 08:52:40 +01:00
keyboard Input: imx_keypad - make sure keyboard can always wake up system 2019-07-14 08:11:09 +02:00
misc Input: da9063 - fix capability and drop KEY_SLEEP 2019-10-29 09:19:51 +01:00
mouse Input: synaptics - switch another X1 Carbon 6 to RMI/SMbus 2019-12-13 08:52:38 +01:00
rmi4 Input: synaptics-rmi4 - don't increment rmiaddr for SMBus transfers 2019-12-13 08:52:39 +01:00
serio parisc: Fix HP SDC hpa address output 2019-12-05 09:19:57 +01:00
tablet Input: kbtab - sanity check for endpoint type 2019-08-25 10:47:49 +02:00
touchscreen Input: goodix - add upside-down quirk for Teclast X89 tablet 2019-12-13 08:52:39 +01:00
Kconfig docs: fix broken references with multiple hints 2018-06-15 18:10:01 -03:00
Makefile License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
apm-power.c
evbug.c Input: stop telling users to snail-mail Vojtech 2018-07-26 17:04:37 -07:00
evdev.c Input: evdev - add a schedule point in evdev_write() 2018-10-05 11:42:31 -07:00
ff-core.c
ff-memless.c Input: ff-memless - kill timer in destroy() 2019-11-20 18:45:14 +01:00
input-compat.c Input: extend usable life of event timestamps to 2106 on 32 bit systems 2018-01-09 16:40:30 -08:00
input-compat.h Input: extend usable life of event timestamps to 2106 on 32 bit systems 2018-01-09 16:40:30 -08:00
input-leds.c treewide: Use struct_size() for kmalloc()-family 2018-06-06 11:15:43 -07:00
input-mt.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input 2018-06-27 09:16:53 -07:00
input-polldev.c Input: remove remaining unneeded MODULE_VERSION() usage 2018-01-16 16:48:25 -08:00
input.c Input: add safety guards to input_set_keycode() 2021-11-22 17:07:03 +08:00
joydev.c vfs: do bulk POLL* -> EPOLL* replacement 2018-02-11 14:34:03 -08:00
matrix-keymap.c treewide: devm_kzalloc() -> devm_kcalloc() 2018-06-12 16:19:22 -07:00
mousedev.c Input: mousedev - add a schedule point in mousedev_write() 2018-10-04 17:42:26 -07:00
sparse-keymap.c Input: remove remaining unneeded MODULE_VERSION() usage 2018-01-16 16:48:25 -08:00