Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 10a28879 authored by Katish Paran's avatar Katish Paran Committed by Gerrit - the friendly Code Review server
Browse files

diag: Safeguard for bound checks and integer overflow 



Bound checks are placed to avoid integer overflow.

Change-Id: I2b1a2a73d25cfe002493da3989243a8c544a9bc0
Signed-off-by: default avatarKatish Paran <kparan@codeaurora.org>
parent 3d109ee5

drivers/char/diag/diagchar_core.c

+9 −0
Original line number Diff line number Diff line
@@ -1294,6 +1294,15 @@ static int diag_ioctl_vote_real_time(unsigned long ioarg) 
			sizeof(struct real_time_vote_t)))

		return -EFAULT;



	if (vote.proc > DIAG_PROC_MEMORY_DEVICE ||

		vote.real_time_vote > MODE_UNKNOWN ||

		vote.client_id < 0) {

		pr_err("diag: %s, invalid params, proc: %d, vote: %d, client_id: %d\n",

			__func__, vote.proc, vote.real_time_vote,

			vote.client_id);

		return -EINVAL;

	}



	driver->real_time_update_busy++;

	if (vote.proc == DIAG_PROC_DCI) {

		dci_client = diag_dci_get_client_entry(vote.client_id);