qseecom: check invalid handle for app loaded query request
Check if the handle data_type received from userspace is valid for app loaded query request to avoid the offset boundary check for qseecom_send_modfd_resp is bypassed. Change-Id: I5f3611a8f830d6904213781c5ba70cfc0ba3e2e0 Signed-off-by: Zhen Kong <zkong@codeaurora.org>
This commit is contained in:
parent
44fdb4e1df
commit
266819e84c
|
@ -7014,6 +7014,13 @@ long qseecom_ioctl(struct file *file, unsigned cmd, unsigned long arg)
|
|||
break;
|
||||
}
|
||||
case QSEECOM_IOCTL_APP_LOADED_QUERY_REQ: {
|
||||
if ((data->type != QSEECOM_GENERIC) &&
|
||||
(data->type != QSEECOM_CLIENT_APP)) {
|
||||
pr_err("app loaded query req: invalid handle (%d)\n",
|
||||
data->type);
|
||||
ret = -EINVAL;
|
||||
break;
|
||||
}
|
||||
data->type = QSEECOM_CLIENT_APP;
|
||||
mutex_lock(&app_access_lock);
|
||||
atomic_inc(&data->ioctl_count);
|
||||
|
|
Loading…
Reference in New Issue