diff options
author | Oliver Neukum <oneukum@suse.com> | 2022-02-15 13:35:47 +0300 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2022-02-15 17:56:10 +0300 |
commit | 8d2b1a1ec9f559d30b724877da4ce592edc41fdc (patch) | |
tree | 2b5bad2d091e5bf2cb4f403ffb9305250a394594 /.get_maintainer.ignore | |
parent | 7e5b6a5c8c44310784c88c1c198dde79f6402f7b (diff) | |
download | linux-8d2b1a1ec9f559d30b724877da4ce592edc41fdc.tar.xz |
CDC-NCM: avoid overflow in sanity checking
A broken device may give an extreme offset like 0xFFF0
and a reasonable length for a fragment. In the sanity
check as formulated now, this will create an integer
overflow, defeating the sanity check. Both offset
and offset + len need to be checked in such a manner
that no overflow can occur.
And those quantities should be unsigned.
Signed-off-by: Oliver Neukum <oneukum@suse.com>
Reviewed-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to '.get_maintainer.ignore')
0 files changed, 0 insertions, 0 deletions