mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2024-09-26 12:26:11 +00:00
cxl/pmem: Use size_add() against integer overflow
[ Upstream commit 4f1aa35f1f
]
"struct_size() + n" may cause a integer overflow,
use size_add() to handle it.
Signed-off-by: Yu Zhe <yuzhe@nfschina.com>
Link: https://lore.kernel.org/r/20220927070247.23148-1-yuzhe@nfschina.com
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
This commit is contained in:
parent
b15e525ed1
commit
cc63ae7549
1 changed files with 1 additions and 1 deletions
|
@ -151,7 +151,7 @@ static int cxl_pmem_set_config_data(struct cxl_dev_state *cxlds,
|
|||
return -EINVAL;
|
||||
|
||||
/* 4-byte status follows the input data in the payload */
|
||||
if (struct_size(cmd, in_buf, cmd->in_length) + 4 > buf_len)
|
||||
if (size_add(struct_size(cmd, in_buf, cmd->in_length), 4) > buf_len)
|
||||
return -EINVAL;
|
||||
|
||||
set_lsa =
|
||||
|
|
Loading…
Reference in a new issue