BACKPORT: msm: adsprpc: Use unsigned integer for length values
As the length datatype is signed, an attacker can both overflow
the calculation or supply a negative number to trick the check
into returning an chosen chunk. This can have undesired
consequences. Always use unsigned integer types for length
values.
Conflicts:
The adapted commit has change
I954f07382bbc9998aed574a7bf74fab9299f0b45 (d776655a243f5) in its
history, we have I0fba2a7a758930003d5bce9c8ffc0036574736b8
(6b4c68c8acd83). Both of them bring additional changes to int types.
This creates many conflicts when trying to cherry-pick. Instead,
the changes were picked manually.
Issue: SEC-1269
Change-Id: Ifde2f0d35129014b976507f7723a319c53fabddf
Acked-by: Thyagarajan Venkatanarayanan <venkatan@qti.qualcomm.com>
Signed-off-by: Tharun Kumar Merugu <mtharu@codeaurora.org>
Bug: 63165135
CRs-Fixed: 2139538
Signed-off-by: Dennis Cagle <dcagle@codeaurora.org>
(cherry picked from commit c29e11c774b3c59660c1c599b73b7fabf1492d43)
Signed-off-by: David Lin <dtwlin@google.com>
(adapted from commit 157a921e39321002220e040ef8a07dce8e0eccbf)
2 files changed