6587eb8261
Since cmdbuf->size and cmdbuf->nbox are from userspace, a large value would overflow the allocation size, leading to out-of-bounds access. Signed-off-by: Xi Wang <xi.wang@gmail.com> Signed-off-by: Dave Airlie <airlied@redhat.com> |
||
---|---|---|
.. | ||
Makefile | ||
savage_bci.c | ||
savage_drv.c | ||
savage_drv.h | ||
savage_state.c |