CDC-NCM: avoid overflow in sanity checking (8d2b1a1e) · Commits · Mirrors / git.kernel.org / pub_scm_linux_kernel_git_stable_linux · GitLab

Commit 8d2b1a1e authored Feb 15, 2022 by

Oliver Neukum Committed by David S. Miller Feb 15, 2022

CDC-NCM: avoid overflow in sanity checking



A broken device may give an extreme offset like 0xFFF0
and a reasonable length for a fragment. In the sanity
check as formulated now, this will create an integer
overflow, defeating the sanity check. Both offset
and offset + len need to be checked in such a manner
that no overflow can occur.
And those quantities should be unsigned.

Signed-off-by: Oliver Neukum <oneukum@suse.com>
Reviewed-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: David S. Miller <davem@davemloft.net>

parent 7e5b6a5c

Hide whitespace changes

Inline Side-by-side

mirror @mirror
mentioned in commit 69560efa
· Mar 03, 2022

mentioned in commit 69560efa

mentioned in commit 69560efa001397ebb8dc1c3e6a3ce00302bb9f7f

Toggle commit list

Please register or to comment