Commit 542b112c authored by Kees Cook's avatar Kees Cook Committed by sanglipeng
Browse files

media: uvcvideo: Silence memcpy() run-time false positive warnings 

stable inclusion
from stable-v5.10.173
commit c4d96503d67b2c4de9772521cac84e5f25218c7c
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I7X0QU

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=c4d96503d67b2c4de9772521cac84e5f25218c7c



--------------------------------

[ Upstream commit b8392129 ]

The memcpy() in uvc_video_decode_meta() intentionally copies across the
length and flags members and into the trailing buf flexible array.
Split the copy so that the compiler can better reason about (the lack
of) buffer overflows here. Avoid the run-time false positive warning:

  memcpy: detected field-spanning write (size 12) of single field "&meta->length" at drivers/media/usb/uvc/uvc_video.c:1355 (size 1)

Additionally fix a typo in the documentation for struct uvc_meta_buf.

Reported-by: default avatar <ionut_n2001@yahoo.com>
Link: https://bugzilla.kernel.org/show_bug.cgi?id=216810


Signed-off-by: default avatarKees Cook <keescook@chromium.org>
Reviewed-by: default avatarLaurent Pinchart <laurent.pinchart@ideasonboard.com>
Signed-off-by: default avatarLaurent Pinchart <laurent.pinchart@ideasonboard.com>
Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
Signed-off-by: default avatarsanglipeng <sanglipeng1@jd.com>
parent fc938b78
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please to comment