msm: kgsl: Fix overflow in sharedmem cache range operation function (70496cbb) · Commits · e / devices / android_kernel_xiaomi_markw

drivers/gpu/msm/kgsl_sharedmem.c

+3 −4

Original line number	Diff line number	Diff line
		@@ -574,12 +574,11 @@ int kgsl_cache_range_op(struct kgsl_memdesc *memdesc, uint64_t offset,
		void *addr = (memdesc->hostptr) ?
		memdesc->hostptr : (void *) memdesc->useraddr;

		/* Make sure that size is non-zero */
		if (!size)
		if (size == 0 \|\| size > UINT_MAX)
		return -EINVAL;

		/* Make sure that the offset + size isn't bigger than we can handle */
		if ((offset + size) > ULONG_MAX)
		/* Make sure that the offset + size does not overflow */
		if ((offset + size < offset) \|\| (offset + size < size))
		return -ERANGE;

		/* Make sure the offset + size do not overflow the address */