jenna
/
kernel_samsung_sm7125
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

diag: Prevent possible integer overflow while processing cntl pkt

Browse Source 
Possible integer overflow while processing control packets received
from peripherals prevented by typecasting the lengths during
buffer boundary check.

Change-Id: Ic29553a8c3422c9e11051d78a6b57a4f921586b9
Signed-off-by: Manoj Prabhu B <bmanoj@codeaurora.org>
tirimbino
Manoj Prabhu B 5 years ago committed by Lakshay Verma
parent 931e92be92
commit 9310a7df6e
1 changed files with 2 additions and 1 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 3
      drivers/char/diag/diagfwd_cntl.c

3
drivers/char/diag/diagfwd_cntl.c
Unescape View File

@ -886,7 +886,8 @@ void diag_cntl_process_read_data(struct diagfwd_info *p_info, void *buf,
while (read_len + header_len < len) {
ctrl_pkt = (struct diag_ctrl_pkt_header_t *)ptr;
if ((read_len + header_len + ctrl_pkt->len) > len)
if (((size_t)read_len + (size_t)ctrl_pkt->len +
header_len) > len)
return;
switch (ctrl_pkt->pkt_id) {
case DIAG_CTRL_MSG_REG:

Write Preview
Loading…
Cancel
Save