msm: camera: isp: add bound check to handle array out of access

The pointer req_frm comes from userspace,
req_frm->stream_handle is passed as an argument to
the function msm_isp_get_stream_common_data,
stream_idx can overflow common_data->streams[] and
the code ends up copying an out of bound
kernel address into stream_info. Adding bound check to
handle the same.

CRs-fixed: 2008683
Change-Id: Ib4a059bfd573cdc4e18ce630b4091576ff8edc7e
Signed-off-by: Senthil Kumar Rajagopal <skrajago@codeaurora.org>

0 files changed, 0 insertions, 0 deletions