Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.9 / 8ea939284d3ebde02d5b46d50406c2b7faae1214
commit8ea939284d3ebde02d5b46d50406c2b7faae1214[log] [tgz]
authorIan Abbott <abbotti@mev.co.uk>Mon Oct 12 17:21:24 2015 +0100
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>Tue Oct 13 10:29:48 2015 -0700
tree74f90531d32eb15b673d6882f9783aeae893b6dc
parent76e8e7d4ffb3300217b62637183282a5225d7394 [diff]
staging: comedi: avoid bad truncation of a size_t in comedi_read()

At one point in `comedi_read()`, the variable `n` gets assigned to the
minimum of the parameter `nbytes` and the amount of readable buffer
space `m`.  The way that is done currently is unsafe in the unlikely
case that `nbytes` exceeds `UINT_MAX`, so fix it.

Signed-off-by: Ian Abbott <abbotti@mev.co.uk>
Reviewed-by: H Hartley Sweeten <hsweeten@visionengravers.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
1 file changed
tree: 74f90531d32eb15b673d6882f9783aeae893b6dc
  1. arch/
  2. block/
  3. certs/
  4. crypto/
  5. Documentation/
  6. drivers/
  7. firmware/
  8. fs/
  9. include/
  10. init/
  11. ipc/
  12. kernel/
  13. lib/
  14. mm/
  15. net/
  16. samples/
  17. scripts/
  18. security/
  19. sound/
  20. tools/
  21. usr/
  22. virt/
  23. .get_maintainer.ignore
  24. .gitignore
  25. .mailmap
  26. COPYING
  27. CREDITS
  28. Kbuild
  29. Kconfig
  30. MAINTAINERS
  31. Makefile
  32. README
  33. REPORTING-BUGS