On Tue, Dec 01, 2015 at 04:43:10PM -0800, Bjorn Andersson wrote: > From: Courtney Cavin <courtney.cavin@xxxxxxxxxxxxxx> > > This patch catches the conditions where: > - 'splicepoint' is set to a point outside of [ fdt, fdt_totalsize(fdt) ) > - 'newlen' is negative, or 'splicepoint' plus 'newlen' results in overflow > > Either of these cases can be caused by math which overflows in calling > functions, or by sizes specified through dynamic means. > > Signed-off-by: Courtney Cavin <courtney.cavin@xxxxxxxxxxxxxx> > Signed-off-by: Bjorn Andersson <bjorn.andersson@xxxxxxxxxxxxxx> Applied, thanks. -- David Gibson | I'll have my music baroque, and my code david AT gibson.dropbear.id.au | minimalist, thank you. NOT _the_ _other_ | _way_ _around_! http://www.ozlabs.org/~dgibson
Attachment:
signature.asc
Description: PGP signature
