Commit 8dd76337 authored by Gavrilov Ilia's avatar Gavrilov Ilia Committed by sanglipeng
Browse files

iommu/amd: Add a length limitation for the ivrs_acpihid command-line parameter 

stable inclusion
from stable-v5.10.175
commit f2a5ec7f7b28f9b9cd5fac232ff51019a7f7b9e9
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I8711T

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=f2a5ec7f7b28f9b9cd5fac232ff51019a7f7b9e9



--------------------------------

[ Upstream commit b6b26d86 ]

The 'acpiid' buffer in the parse_ivrs_acpihid function may overflow,
because the string specifier in the format string sscanf()
has no width limitation.

Found by InfoTeCS on behalf of Linux Verification Center
(linuxtesting.org) with SVACE.

Fixes: ca3bf5d4 ("iommu/amd: Introduces ivrs_acpihid kernel parameter")
Cc: stable@vger.kernel.org
Signed-off-by: default avatarIlia.Gavrilov <Ilia.Gavrilov@infotecs.ru>
Reviewed-by: default avatarKim Phillips <kim.phillips@amd.com>
Link: https://lore.kernel.org/r/20230202082719.1513849-1-Ilia.Gavrilov@infotecs.ru


Signed-off-by: default avatarJoerg Roedel <jroedel@suse.de>
Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
Signed-off-by: default avatarsanglipeng <sanglipeng1@jd.com>
parent 50309845
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please to comment