From 42ec2f0714858376db064e87674c491d7f457e5d Mon Sep 17 00:00:00 2001 From: Hans de Goede Date: Sun, 12 Jun 2022 17:05:55 +0100 Subject: [PATCH] media: atomisp: fix uninitialized stack mem usage in ia_css_rmgr_acq_vbuf() When ia_css_rmgr_acq_vbuf() enters the code path where it uses the local "struct ia_css_rmgr_vbuf_handle v" on the stack it relies on v.count==0 so that ia_css_rmgr_refcount_retain_vbuf allocates a new handle. Explicitly set v.count to 0 rather then it being whatever was on the stack. Link: https://lore.kernel.org/linux-media/20220612160556.108264-3-hdegoede@redhat.com Signed-off-by: Hans de Goede Signed-off-by: Mauro Carvalho Chehab --- drivers/staging/media/atomisp/pci/runtime/rmgr/src/rmgr_vbuf.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/staging/media/atomisp/pci/runtime/rmgr/src/rmgr_vbuf.c b/drivers/staging/media/atomisp/pci/runtime/rmgr/src/rmgr_vbuf.c index a3e5dc2e6812c..1db28f8970f4a 100644 --- a/drivers/staging/media/atomisp/pci/runtime/rmgr/src/rmgr_vbuf.c +++ b/drivers/staging/media/atomisp/pci/runtime/rmgr/src/rmgr_vbuf.c @@ -254,7 +254,7 @@ void rmgr_pop_handle(struct ia_css_rmgr_vbuf_pool *pool, void ia_css_rmgr_acq_vbuf(struct ia_css_rmgr_vbuf_pool *pool, struct ia_css_rmgr_vbuf_handle **handle) { - struct ia_css_rmgr_vbuf_handle h; + struct ia_css_rmgr_vbuf_handle h = { 0 }; if ((!pool) || (!handle) || (!*handle)) { IA_CSS_LOG("Invalid inputs"); -- 2.30.2