Commit 6bcf34b7 authored by Chris Lew's avatar Chris Lew Committed by sanglipeng
Browse files

soc: qcom: qmi_encdec: Restrict string length in decode 

stable inclusion
from stable-v5.10.195
commit 2ccab9f82772ead618689d17dbc6950d6bd1e741
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I95JOC

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=2ccab9f82772ead618689d17dbc6950d6bd1e741



--------------------------------

commit 8d207400 upstream.

The QMI TLV value for strings in a lot of qmi element info structures
account for null terminated strings with MAX_LEN + 1. If a string is
actually MAX_LEN + 1 length, this will cause an out of bounds access
when the NULL character is appended in decoding.

Fixes: 9b8a11e8 ("soc: qcom: Introduce QMI encoder/decoder")
Cc: stable@vger.kernel.org
Signed-off-by: default avatarChris Lew <quic_clew@quicinc.com>
Signed-off-by: default avatarPraveenkumar I <quic_ipkumar@quicinc.com>
Link: https://lore.kernel.org/r/20230801064712.3590128-1-quic_ipkumar@quicinc.com


Signed-off-by: default avatarBjorn Andersson <andersson@kernel.org>
Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: default avatarsanglipeng <sanglipeng1@jd.com>
parent 5deb1144
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please to comment