Gitiles
Code Review Sign In
gerrit-public.fairphone.software / fp2-dev / kernel / msm / 5d32fafc8341ec8b4cebecd18bbd81ea94466349
commit5d32fafc8341ec8b4cebecd18bbd81ea94466349[log] [tgz]
authorGaoxiang Chen <gaochen@codeaurora.org>Wed May 17 15:14:36 2017 +0800
committerWong Johnny <johnny.wong@hi-p.com>Fri Aug 18 15:11:29 2017 +0800
treec47839a760adf64bbead81e91a8126e4c609e76c
parent52110432ba5e631b65b7791f81ffcc9dc588b28c [diff]
msm: camera: fix off-by-one overflow in msm_isp_get_bufq

In msm_isp_get_bufq, if bufq_index equals buf_mgr->num_buf_q,
it will pass the check, leading to off-by-one overflow
(exceed the length of array by one element).

FPIIM-1556

CRs-Fixed: 2031677
Bug: 36136563
Change-Id: I7ea465897e2c37de6ca0155c3e225f1444b3cf13
Signed-off-by: Gaoxiang Chen <gaochen@codeaurora.org>
1 file changed
tree: c47839a760adf64bbead81e91a8126e4c609e76c
  1. arch/
  2. block/
  3. crypto/
  4. Documentation/
  5. drivers/
  6. firmware/
  7. fs/
  8. include/
  9. init/
  10. ipc/
  11. kernel/
  12. lib/
  13. mm/
  14. net/
  15. samples/
  16. scripts/
  17. security/
  18. sound/
  19. tools/
  20. usr/
  21. virt/
  22. .gitignore
  23. .mailmap
  24. AndroidKernel.mk
  25. COPYING
  26. CREDITS
  27. Kbuild
  28. Kconfig
  29. MAINTAINERS
  30. Makefile
  31. README
  32. REPORTING-BUGS