msm: ais: Fix out-of-bounds read in string class name

author Deepak Shankar <dees@codeaurora.org>

Thu, 16 Aug 2018 09:29:17 +0000 (14:59 +0530)

committer Gerrit - the friendly Code Review server <code-review@localhost>

Tue, 21 Aug 2018 12:19:42 +0000 (05:19 -0700)
author Deepak Shankar <dees@codeaurora.org>
Thu, 16 Aug 2018 09:29:17 +0000 (14:59 +0530)
committer Gerrit - the friendly Code Review server <code-review@localhost>
Tue, 21 Aug 2018 12:19:42 +0000 (05:19 -0700)
diff --git a/drivers/media/platform/msm/ais/jpeg_10/msm_jpeg_dev.c b/drivers/media/platform/msm/ais/jpeg_10/msm_jpeg_dev.c

index 88c822c..2e3b4fe 100644 (file)
--- a/drivers/media/platform/msm/ais/jpeg_10/msm_jpeg_dev.c
+++ b/drivers/media/platform/msm/ais/jpeg_10/msm_jpeg_dev.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2012-2017, The Linux Foundation. All rights reserved.
+/* Copyright (c) 2012-2018, The Linux Foundation. All rights reserved.
   *
   * This program is free software; you can redistribute it and/or modify
   * it under the terms of the GNU General Public License version 2 and
@@ -32,6 +32,8 @@
  #define MSM_JPEG_NAME "jpeg"
  #define DEV_NAME_LEN 10
  
+static char devname[DEV_NAME_LEN];
+
  static int msm_jpeg_open(struct inode *inode, struct file *filp)
  {
         int rc = 0;
@@ -185,7 +187,6 @@ static int msm_jpeg_init_dev(struct platform_device *pdev)
         struct msm_jpeg_device *msm_jpeg_device_p;
         const struct of_device_id *device_id;
         const struct msm_jpeg_priv_data *priv_data;
-       char devname[DEV_NAME_LEN];
  
         msm_jpeg_device_p = kzalloc(sizeof(struct msm_jpeg_device), GFP_ATOMIC);
         if (!msm_jpeg_device_p) {
author	Deepak Shankar <dees@codeaurora.org>
	Thu, 16 Aug 2018 09:29:17 +0000 (14:59 +0530)
committer	Gerrit - the friendly Code Review server <code-review@localhost>
	Tue, 21 Aug 2018 12:19:42 +0000 (05:19 -0700)