diag: dci: Safeguard to prevent Integer overflow



At certain point in diag driver there can be integer overflow
thus can lead to memory leak. Added a safeguard for it.

Change-Id: I80a9cd0623ebb84d82cf74de132211b1dd60c7d4
CRs-fixed: 565160
Signed-off-by: Katish Paran <kparan@codeaurora.org>

parent f6b73a87

drivers/char/diag/diag_dci.c

+5 −0

Original line number	Diff line number	Diff line
		@@ -618,6 +618,11 @@ static void copy_dci_log_from_apps(unsigned char *buf, int len,
		return;

		log_length = (uint16_t )(buf + 2);
		if (log_length > USHRT_MAX - 4) {
		pr_err("diag: Integer overflow in %s, log_len: %d",
		__func__, log_length);
		return;
		}
		total_length = 4 + log_length;

		/* Check if we are within the len. The check should include the