msm: kgsl: Fix overflow in sharedmem cache range operation function

There could be possibility of integer overflow on adding
size with maximum offset bytes and result in a value smaller
than maximum memdesc size.

CRs-Fixed: 1082914
Change-Id: Ie66b3a8ca2ca418a4a52f65987266b8d580c121f
Signed-off-by: Sudeep Yedalapure <sudeepy@codeaurora.org>

drivers/gpu/msm/kgsl_sharedmem.c

@@ -574,12 +574,11 @@ int kgsl_cache_range_op(struct kgsl_memdesc *memdesc, uint64_t offset,
 	void *addr = (memdesc->hostptr) ?
 		memdesc->hostptr : (void *) memdesc->useraddr;
 
-	/* Make sure that size is non-zero */
+	if (size == 0 || size > UINT_MAX)
-	if (!size)
 		return -EINVAL;
 
-	/* Make sure that the offset + size isn't bigger than we can handle */
+	/* Make sure that the offset + size does not overflow */
-	if ((offset + size) > ULONG_MAX)
+	if ((offset + size < offset) || (offset + size < size))
 		return -ERANGE;
 
 	/* Make sure the offset + size do not overflow the address */