Re: [PATCH] remoteproc: qcom: mdt_loader: Use signed type for offset

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, Feb 15, 2017 at 02:00:41PM -0800, Bjorn Andersson wrote:
> In the transition from using rproc_da_to_va(), the type of the load
> offset became unsigned. This causes the subsequent check to let negative
> values less than p_memsz + mem_size through and we write outside of the
> buffer.
> 
> Change the type back to a signed value to catch this.
> 
> Fixes: 7f0dd07a9b29 ("remoteproc: qcom: mdt_loader: Refactor MDT loader")
> Fixes: e7fd25226295 ("remoteproc: qcom: q6v5: Decouple driver from MDT loader")
> Reported-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
> Reported-by: Stanimir Varbanov <stanimir.varbanov@xxxxxxxxxx>
> Signed-off-by: Bjorn Andersson <bjorn.andersson@xxxxxxxxxx>

Acked-by: Andy Gross <andy.gross@xxxxxxxxxx>
--
To unsubscribe from this list: send the line "unsubscribe linux-arm-msm" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html



[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [Linux for Sparc]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux