mirror of
https://github.com/raspberrypi/linux.git
synced 2025-12-27 20:42:52 +00:00
df6dc12e5e
Rewrite the parser for the vendor firmware descriptor with the following improvements. - Validate the key-value length given in a vendor descriptor against the length of the descriptor. The current code fails to do this and might read more bytes than available. This can lead to out-of-bounds reads of the allocated buffer. - Read raw data with helpers for unaligned data. This allows the code to run on platforms that do now support unaligned memory access by default. - Validate the pixel limit against a default value. The default comes from real-world devices. If the reported number of pixels is significantly above the limit, it is likely invalid. - Drop the obsolete print macros. There is still a warning about invalid firmware descriptors. The rest of the output is bogus. Signed-off-by: Thomas Zimmermann <tzimmermann@suse.de> Reviewed-by: Patrik Jakobsson <patrik.r.jakobsson@gmail.com> Link: https://lore.kernel.org/r/20250410105948.25463-9-tzimmermann@suse.de