Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit ff15aaf4 authored by Sathish Ambley's avatar Sathish Ambley
Browse files

msm: ADSPRPC: Validate buffer size



Ensure that the size of buffer being allocated is not
negative to avoid allocating a smaller buffer and hence
causing buffer overflow conditions.

Change-Id: I150c379471564731771e2bd33d804fd26c793e25
Acked-by: default avatarBharath Kumar <bkumar@qti.qualcomm.com>
Signed-off-by: default avatarSathish Ambley <sathishambley@codeaurora.org>
parent 9fffca4f
Loading
Loading
Loading
Loading
+5 −0
Original line number Diff line number Diff line
@@ -397,6 +397,11 @@ static int fastrpc_buf_alloc(struct fastrpc_file *fl, ssize_t size,
	int err = 0;
	struct fastrpc_buf *buf = 0, *fr = 0;
	struct hlist_node *n;

	VERIFY(err, size > 0);
	if (err)
		goto bail;

	/* find the smallest buffer that fits in the cache */
	spin_lock(&fl->hlock);
	hlist_for_each_entry_safe(buf, n, &fl->bufs, hn) {