Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.19 / 72f099805dbc907fbe8fa19bccdc31d3e2ee6e9e
commit72f099805dbc907fbe8fa19bccdc31d3e2ee6e9e[log] [tgz]
authorGeorge Kennedy <george.kennedy@oracle.com>Fri Jul 31 12:33:11 2020 -0400
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>Thu Sep 03 11:24:27 2020 +0200
tree6c986c27e0b813d425e70549d363551b557b0698
parentb0186a11dfe7b2ee767b4e7acfea921594ecdb7f [diff]
fbcon: prevent user font height or width change from causing potential out-of-bounds access

commit 39b3cffb8cf3111738ea993e2757ab382253d86a upstream.

Add a check to fbcon_resize() to ensure that a possible change to user font
height or user font width will not allow a font data out-of-bounds access.
NOTE: must use original charcount in calculation as font charcount can
change and cannot be used to determine the font data allocated size.

Signed-off-by: George Kennedy <george.kennedy@oracle.com>
Cc: stable <stable@vger.kernel.org>
Reported-by: syzbot+38a3699c7eaf165b97a6@syzkaller.appspotmail.com
Link: https://lore.kernel.org/r/1596213192-6635-1-git-send-email-george.kennedy@oracle.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
1 file changed
tree: 6c986c27e0b813d425e70549d363551b557b0698
  1. arch/
  2. block/
  3. certs/
  4. crypto/
  5. Documentation/
  6. drivers/
  7. firmware/
  8. fs/
  9. include/
  10. init/
  11. ipc/
  12. kernel/
  13. lib/
  14. LICENSES/
  15. mm/
  16. net/
  17. samples/
  18. scripts/
  19. security/
  20. sound/
  21. tools/
  22. usr/
  23. virt/
  24. .clang-format
  25. .cocciconfig
  26. .get_maintainer.ignore
  27. .gitattributes
  28. .gitignore
  29. .mailmap
  30. COPYING
  31. CREDITS
  32. Kbuild
  33. Kconfig
  34. MAINTAINERS
  35. Makefile
  36. README