On Thu, Jan 17, 2019 at 09:31:53PM +0000, David Kozub wrote: > From: Jonas Rabenstein <jonas.rabenstein@xxxxxxxxxxxxxxxxxxxxxxx> > > Check whether the shadow mbr does fit in the provided space on the > target. Also a proper firmware should handle this case and return an > error we may prevent problems or even damage with crappy firmwares. > + len = response_get_u64(&dev->parsed, 4); > + if (shadow->offset + shadow->size > len) { > + pr_debug("MBR: does not fit in shadow (%llu vs. %llu)\n", > + shadow->offset + shadow->size, len); > + return -ENOSPC; > + } Can we please change this check to the following: if (shadow->size > len || shadow->offset > len - shadow->size) Thanks > -- > 2.20.1 > >