linux-next/bluetooth at e4eea890369c00dd58d97b1c066dc2bddf0da2c7 - linux-next - MyRedstone

Kernel/linux-next

mirror of https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git synced 2025-01-09 15:29:16 +00:00

History

Dan Carpenter e4eea89036 Bluetooth: vhci: Fix info leak in force_devcd_write()

There are a number of bugs here:

1) If "count" is less than sizeof(dump_data.data) then it copies
   uninitialized data.
2) If simple_write_to_buffer() returns -EFAULT then we run into a
   problem "ret < count" comparison.  "count" is an unsigned long so the
   comparison is type promoted to unsigned long and the negative returns
   become high positive values.  That also results in copying
   uninitialized data.
3) If "*ppos" is non-zero then the first part of the dump_data
   buffer is uninitialized.  Using copy_from_user() instead of
   simple_write_to_buffer() is more appropriate here.

Fixes: d5d5df6da0aa ("Bluetooth: Add vhci devcoredump support")
Signed-off-by: Dan Carpenter <error27@gmail.com>
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>

2023-04-23 22:02:57 -07:00

..

ath3k.c

Bluetooth: ath3k: remove superfluous header files

2022-03-18 17:12:09 +01:00

bcm203x.c

Bluetooth: bcm203x: remove superfluous header files

2022-03-18 17:12:09 +01:00

bfusb.c

Bluetooth: bfusb: fix division by zero in send path

2021-10-25 15:04:46 +02:00

bluecard_cs.c

Bluetooth: Use fallthrough pseudo-keyword

2020-07-10 19:09:42 +02:00

bpa10x.c

Bluetooth: bpa10x: change return value

2019-09-04 16:11:46 +02:00

bt3c_cs.c

Bluetooth: bt3c_cs: Fix obsolete function

2018-09-27 12:57:39 +02:00

btbcm.c

Bluetooth: hci_bcm: Fall back to getting bdaddr from EFI if not set

2023-04-23 22:00:18 -07:00

btbcm.h

Bluetooth: hci_bcm: Add support for FW loading in autobaud mode

2022-07-21 17:04:38 -07:00

btintel.c

Bluetooth: btintel: Add Intel devcoredump support

2023-04-23 21:59:02 -07:00

btintel.h

Bluetooth: btintel: Add Intel devcoredump support

2023-04-23 21:59:02 -07:00

btmrvl_debugfs.c

treewide: Replace GPLv2 boilerplate/reference with SPDX - gpl-2.0_390.RULE

2022-06-10 14:51:36 +02:00

btmrvl_drv.h

treewide: Replace GPLv2 boilerplate/reference with SPDX - gpl-2.0_390.RULE

2022-06-10 14:51:36 +02:00

btmrvl_main.c

treewide: Replace GPLv2 boilerplate/reference with SPDX - gpl-2.0_390.RULE

2022-06-10 14:51:36 +02:00

btmrvl_sdio.c

Bluetooth: btmrvl_sdio: mark OF related data as maybe unused

2023-04-23 21:49:18 -07:00

btmrvl_sdio.h

treewide: Replace GPLv2 boilerplate/reference with SPDX - gpl-2.0_390.RULE

2022-06-10 14:51:36 +02:00

btmtk.c

Bluetooth: btmtkuart: rely on BT_MTK module

2022-03-18 17:12:07 +01:00

btmtk.h

Bluetooth: btmtkuart: rely on BT_MTK module

2022-03-18 17:12:07 +01:00

btmtksdio.c

Bluetooth: btmtksdio: Add in-band wakeup support

2022-07-21 17:08:03 -07:00

btmtkuart.c

Bluetooth: btmtkuart: mark OF related data as maybe unused

2023-04-23 21:49:47 -07:00

btnxpuart.c

Bluetooth: btnxpuart: No need to check the received bootloader signature

2023-04-23 22:01:59 -07:00

btqca.c

Bluetooth: hci_qca: Add support for QTI Bluetooth chip wcn6855

2023-04-23 21:57:28 -07:00

btqca.h

Bluetooth: hci_qca: Add support for QTI Bluetooth chip wcn6855

2023-04-23 21:57:28 -07:00

btqcomsmd.c

Bluetooth: btqcomsmd: Fix command timeout after setting BD address

2023-03-23 13:09:38 -07:00

btrsi.c

Bluetooth: btrsi: remove superfluous header files from btrsi.c

2021-09-29 00:13:48 +02:00

btrtl.c

Bluetooth: btrtl: check for NULL in btrtl_set_quirks()

2023-04-23 21:57:00 -07:00

btrtl.h

Bluetooth: btrtl: add support for the RTL8723CS

2023-04-23 21:50:24 -07:00

btsdio.c

Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition

2023-04-10 10:23:01 -07:00

btusb.c

Bluetooth: btintel: Add Intel devcoredump support

2023-04-23 21:59:02 -07:00

dtl1_cs.c

networking: add and use skb_put_u8()

2017-06-16 11:48:40 -04:00

h4_recv.h

treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156

2019-05-30 11:26:35 -07:00

hci_ag6xx.c

Bluetooth: hci_uart: Remove redundant assignment to fw_ptr

2021-06-26 07:52:41 +02:00

hci_ath.c

Bluetooth: hci_uart: check for missing tty operations

2019-07-31 13:17:33 -07:00

hci_bcm4377.c

Bluetooth: hci_bcm4377: Fix missing pci_disable_device() on error in bcm4377_probe()

2022-12-12 14:19:25 -08:00

hci_bcm.c

Bluetooth: hci_bcm: Add Acer Iconia One 7 B1-750 to the bcm_broken_irq_dmi_table

2023-04-23 22:01:00 -07:00

hci_bcsp.c

treewide: Convert del_timer*() to timer_shutdown*()

2022-12-25 13:38:09 -08:00

hci_h4.c

Bluetooth: hci_h4: Fix padding calculation error within h4_recv_buf()

2021-11-16 13:57:25 +01:00

hci_h5.c

Bluetooth: hci_h5: Complements reliable packet processing logic

2023-04-23 22:00:04 -07:00

hci_intel.c

Bluetooth: hci_intel: Add check for platform_driver_register

2022-07-21 17:05:10 -07:00

hci_ldisc.c

Bluetooth: hci_ldisc: Fix tty_set_termios() return value assumptions

2023-04-23 21:50:55 -07:00

hci_ll.c

Bluetooth: hci_ll: drop of_match_ptr for ID table

2023-04-23 21:49:03 -07:00

hci_mrvl.c

Bluetooth: hci_mrvl: Add serdev support for 88W8997

2023-04-23 21:45:29 -07:00

hci_nokia.c

Bluetooth: hci_nokia: Save a few cycles in 'nokia_enqueue()'

2019-10-16 19:26:40 +02:00

hci_qca.c

Bluetooth: hci_qca: mark OF related data as maybe unused

2023-04-23 22:02:43 -07:00

hci_serdev.c

Bluetooth: hci_{ldisc,serdev}: check percpu_init_rwsem() failure

2022-09-19 10:33:39 -07:00

hci_uart.h

Bluetooth: hci_h5: Disable the hci_suspend_notifier for btrtl devices

2021-07-22 16:06:09 +02:00

hci_vhci.c

Bluetooth: vhci: Fix info leak in force_devcd_write()

2023-04-23 22:02:57 -07:00

Kconfig

Bluetooth: Add vhci devcoredump support

2023-04-23 21:58:21 -07:00

Makefile

Bluetooth: NXP: Add protocol support for NXP Bluetooth chipsets

2023-04-23 21:51:55 -07:00

virtio_bt.c

virtio_bt: Fix alignment in configuration struct

2022-12-12 14:19:23 -08:00