Integrate security patch 2023-07-05-CVE-2023-24854
Change-Id: I0fd60fc08bbde3170e35f1558e165e8b8c3fc0f1
(cherry picked from commit 77e1ecd4722865a54240e8090b0758a68a44ddec)
diff --git a/drivers/soc/qcom/icnss2/qmi.c b/drivers/soc/qcom/icnss2/qmi.c
index fad86c7..7b78d75 100644
--- a/drivers/soc/qcom/icnss2/qmi.c
+++ b/drivers/soc/qcom/icnss2/qmi.c
@@ -1,6 +1,7 @@
// SPDX-License-Identifier: GPL-2.0-only
/*
* Copyright (c) 2017-2021, The Linux Foundation. All rights reserved.
+ * Copyright (c) 2023 Qualcomm Innovation Center, Inc. All rights reserved.
*/
#define pr_fmt(fmt) "icnss2_qmi: " fmt
@@ -968,11 +969,11 @@
__func__, resp->total_size, resp->data_len);
if ((resp->total_size_valid == 1 &&
- resp->total_size == total_size)
- && (resp->seg_id_valid == 1 && resp->seg_id == req->seg_id)
- && (resp->data_valid == 1 &&
- resp->data_len <= QMI_WLFW_MAX_DATA_SIZE_V01)) {
-
+ resp->total_size == total_size)
+ && (resp->seg_id_valid == 1 && resp->seg_id == req->seg_id)
+ && (resp->data_valid == 1 &&
+ resp->data_len <= QMI_WLFW_MAX_DATA_SIZE_V01)
+ && resp->data_len <= remaining) {
memcpy(p_qdss_trace_data_temp,
resp->data, resp->data_len);
} else {