input: fix out of bound/race in pad_buttons_pressed#17673
Open
na-na-hi wants to merge 2 commits intompv-player:masterfrom
Open
input: fix out of bound/race in pad_buttons_pressed#17673na-na-hi wants to merge 2 commits intompv-player:masterfrom
na-na-hi wants to merge 2 commits intompv-player:masterfrom
Conversation
When buttons > MP_MAX_TABLET_PAD_BUTTONS and the value is stored in ictx->tablet_pad_buttons, the next mp_input_set_tablet_pad_focus call will cause out of bound write, and mp_property_tablet_pos will cause out of bound read. Fix this by limiting ictx->tablet_pad_buttons range. Fixes: 0fbf20f
mp_input_get_tablet_pos stores the address to an array that is protected by lock, and the content is accessed without acquiring lock. Fix this by writing the values to an array inside mp_input_get_tablet_pos. Fixes: 0fbf20f
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Fixes OOB read/write and access without acquiring lock.