Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.9 / b71dbbcfaa2a2965e0797db7333396a71062a341
commitb71dbbcfaa2a2965e0797db7333396a71062a341[log] [tgz]
authorKevin McKinney <klmckinney1@gmail.com>Tue Dec 20 10:41:13 2011 -0500
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>Wed Feb 08 17:19:03 2012 -0800
tree8e74932054e9f9f9ab87642def51deb45e2dab9a
parent3c92e38dc4d803a7f90a08277a9d59f920963e0c [diff]
Staging: bcm: Fix an integer overflow in IOCTL_BCM_NVM_READ/WRITE

Variables stNVMReadWrite.uioffset and stNVMReadWrite.uiNumBytes
are chosen from userspace and can be very high. The sum of
these two digits would result in a small number. Therefore,
this patch verifies a negative number was not entered, and
reorganizes the equation to remove the integer overflow.

Signed-off-by: Kevin McKinney <klmckinney1@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
1 file changed
tree: 8e74932054e9f9f9ab87642def51deb45e2dab9a
  1. arch/
  2. block/
  3. crypto/
  4. Documentation/
  5. drivers/
  6. firmware/
  7. fs/
  8. include/
  9. init/
  10. ipc/
  11. kernel/
  12. lib/
  13. mm/
  14. net/
  15. samples/
  16. scripts/
  17. security/
  18. sound/
  19. tools/
  20. usr/
  21. virt/
  22. .gitignore
  23. .mailmap
  24. COPYING
  25. CREDITS
  26. Kbuild
  27. Kconfig
  28. MAINTAINERS
  29. Makefile
  30. README
  31. REPORTING-BUGS