msm: kgsl: Protect against a potential overflow in kgsl_sg_alloc



Avoid allocating a scatterlist so large that it overflows the size
passed to the memory allocators.

CRs-fixed: 564448
Change-Id: Ic0dedbad2ab421ddec8f3be38d61c9bdf9ae5bd4
Signed-off-by: Jordan Crouse <jcrouse@codeaurora.org>

parent 4813d157

drivers/gpu/msm/kgsl_sharedmem.h

+3 −0

Original line number	Diff line number	Diff line
		@@ -137,6 +137,9 @@ kgsl_sharedmem_map_vma(struct vm_area_struct *vma,

		static inline void *kgsl_sg_alloc(unsigned int sglen)
		{
		if (sglen >= ULONG_MAX / sizeof(struct scatterlist))
		return NULL;

		if ((sglen * sizeof(struct scatterlist)) < PAGE_SIZE)
		return kzalloc(sglen * sizeof(struct scatterlist), GFP_KERNEL);
		else