libcamera/src
Paul Elder 9909ce33f9 v4l2: v4l2_camera: Clear pending requests on freeBuffers and streamOff
V4L2 allows buffer queueing before streamon while libcamera does not.
The compatibility layer thus saves these buffers in a pending queue
until streamon, and then automatically queues them. However, this
pending queue is not cleared when the buffers are freed, so the
following sequence of actions will cause a use-after-free:

1. queue buffers
2. free buffers
   - buffers from 1. stay in pending queue but have been freed
3. queue buffers
4. streamon
   - buffers from 1. are enqueued, then the buffers from 3. are
     enqueued. Use-after-free segfault when libcamera tries to handle
     the enqueued buffers from 1.

Fix this by clearing the pending request queue upon buffers being freed.
Also clear the pending request queue on streamOff, for correctness.

Signed-off-by: Paul Elder <paul.elder@ideasonboard.com>
Reviewed-by: Jacopo Mondi <jacopo@jmondi.org>
Reviewed-by: Laurent Pinchart <laurent.pinchart@ideasonboard.com>
2020-06-25 23:47:13 +09:00
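
The sequence in the commit message above, replayed against a simplified model of a pending queue. This is an added example, not libcamera code: the class, its method names and the integer buffer handles are all assumptions made for illustration, and a stale handle is counted rather than dereferenced.

```cpp
#include <cstddef>
#include <deque>
#include <set>

// Simplified model with hypothetical names, not libcamera code. Buffers are
// integer handles, so a stale access is counted instead of crashing.
class CompatCamera {
public:
	explicit CompatCamera(bool clearPending) : clearPending_(clearPending) {}
	void allocBuffers(int first, int count) {
		for (int i = 0; i < count; i++)
			live_.insert(first + i);
	}
	// Before streamon a queued buffer is only remembered as pending.
	void qbuf(int handle) {
		if (streaming_) submit(handle);
		else pending_.push_back(handle);
	}
	void freeBuffers() {
		live_.clear();
		if (clearPending_) pending_.clear(); // fix from the commit message
	}
	void streamOn() {
		streaming_ = true;
		for (int handle : pending_) submit(handle);
		pending_.clear();
	}
	void streamOff() { streaming_ = false; if (clearPending_) pending_.clear(); }
	std::size_t stale() const { return stale_; }
	std::size_t valid() const { return valid_; }
private:
	// A handle missing from live_ stands for a buffer that was freed.
	void submit(int handle) { live_.count(handle) ? valid_++ : stale_++; }
	bool clearPending_, streaming_ = false;
	std::deque<int> pending_;
	std::set<int> live_;
	std::size_t stale_ = 0, valid_ = 0;
};

// Replays steps 1-4 of the commit message; returns stale submissions.
std::size_t replay(bool clearPending, std::size_t *valid = nullptr) {
	CompatCamera cam(clearPending);
	cam.allocBuffers(0, 2); cam.qbuf(0); cam.qbuf(1);    // 1. queue buffers
	cam.freeBuffers();                                   // 2. free buffers
	cam.allocBuffers(10, 2); cam.qbuf(10); cam.qbuf(11); // 3. queue buffers
	cam.streamOn();                                      // 4. streamon
	if (valid) *valid = cam.valid();
	return cam.stale();
}
```

With clearPending set to false the two handles from step 1 reach submit() after being freed; with it set to true only the buffers from step 3 are submitted.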
android libcamera: Replace explicit DRM FourCCs with libcamera formats 2020-06-18 13:26:58 +03:00
cam (q)cam: Fix header guards 2020-05-18 16:35:55 +03:00
gstreamer gst: Replace explicit DRM FourCCs with libcamera formats 2020-06-18 13:26:43 +03:00
ipa libcamera: ipa: raspberrypi: Plumb in the libcamera sharpness control 2020-06-25 06:47:53 +03:00
libcamera libcamera: Add a sharpness strength control 2020-06-25 06:47:53 +03:00
qcam meson: options: Add an option to control compilation of qcam 2020-06-24 19:06:16 +02:00
v4l2 v4l2: v4l2_camera: Clear pending requests on freeBuffers and streamOff 2020-06-25 23:47:13 +09:00
meson.build licenses: License all meson files under CC0-1.0 2020-05-13 16:46:24 +03:00