Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 143f5001 authored by ptak's avatar ptak
Browse files

msm: cvp: OOB write fix due to integer underflow 



If FW send a pkt->size which is less than the sizeof packet structure
then pkt->size - sizeof() would result into an integer underflow.
Due to this the subsequent check would be bypassed and we will
start write to an OOB memory.

Change-Id: Icb3e4e6d64275592ceb6f747de653dcc1c65fec7
Signed-off-by: default avatarptak <quic_ptak@quicinc.com>
parent 02194073
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment