Skip to content
Commit 8d2b1a1e authored by Oliver Neukum's avatar Oliver Neukum Committed by David S. Miller
Browse files

CDC-NCM: avoid overflow in sanity checking



A broken device may give an extreme offset like 0xFFF0
and a reasonable length for a fragment. In the sanity
check as formulated now, this will create an integer
overflow, defeating the sanity check. Both offset
and offset + len need to be checked in such a manner
that no overflow can occur.
And those quantities should be unsigned.

Signed-off-by: default avatarOliver Neukum <oneukum@suse.com>
Reviewed-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent 7e5b6a5c
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment