Commit 51a518ad authored Jun 01, 2016 by Xiaojun Sang Committed by Todd Kjos Oct 25, 2019

ANDROID: ASoC: compress: fix unsigned integer overflow check



Parameter fragments and fragment_size are type of u32. U32_MAX is
the correct check.

CRs-Fixed: 1014726
Bug: 142489397
Change-Id: Ia6d4755408646ac4a75724f3c6f2177651875da3
Signed-off-by: Xiaojun Sang <xsang@codeaurora.org>
Signed-off-by: Meng Wang <mwang@codeaurora.org>

parent 82047fdd

sound/core/compress_offload.c

+1 −1

Original line number	Diff line number	Diff line
		@@ -528,7 +528,7 @@ static int snd_compress_check_input(struct snd_compr_params *params)
		{
		/* first let's check the buffer parameter's */
		if (params->buffer.fragment_size == 0 \|\|
		params->buffer.fragments > INT_MAX / params->buffer.fragment_size \|\|
		params->buffer.fragments > U32_MAX / params->buffer.fragment_size \|\|
		params->buffer.fragments == 0)
		return -EINVAL;