evie/android_kernel_oneplus_msm8998
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
android_kernel_oneplus_msm8998/drivers
History
Dan Carpenter ded34f9723 drm/msm: fix an integer overflow test 
commit 65e93108891e571f177c202add9288eda9ac4100 upstream.

We recently added an integer overflow check but it needs an additional
tweak to work properly on 32 bit systems.

The problem is that we're doing the right hand side of the assignment as
type unsigned long so the max it will have an integer overflow instead
of being larger than SIZE_MAX.  That means the "sz > SIZE_MAX" condition
is never true even on 32 bit systems.  We need to first cast it to u64
and then do the math.

Fixes: 4a630fadbb29 ("drm/msm: Fix potential buffer overflow issue")
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Acked-by: Jordan Crouse <jcrouse@codeaurora.org>
Signed-off-by: Rob Clark <robdclark@gmail.com>
Cc: Ben Hutchings <ben@decadent.org.uk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2017-11-08 10:06:28 +01:00
..
accessibility
acpi ACPI / APEI: Add missing synchronize_rcu() on NOTIFY_SCI removal 2017-08-30 10:19:29 +02:00
amba
android ANDROID: binder: fix proc->tsk check. 2017-08-30 10:19:26 +02:00
ata libata: transport: Remove circular dependency at free time 2017-10-08 10:14:20 +02:00
atm
auxdisplay
base driver core: platform: Don't read past the end of "driver_override" buffer 2017-10-12 11:27:32 +02:00
bcma bcma: use (get|put)_device when probing/removing device driver 2017-03-12 06:37:30 +01:00
block skd: Submit requests to firmware before triggering the doorbell 2017-09-27 11:00:14 +02:00
bluetooth Bluetooth: Add support of 13d3:3494 RTL8723BE device 2017-09-13 14:09:45 -07:00
bus bus: mbus: fix window size calculation for 4GB windows 2017-10-27 10:23:17 +02:00
cdrom
char tpm: Replace device number bitmap with IDR 2017-08-06 19:19:43 -07:00
clk clk: Make x86/ conditional on CONFIG_COMMON_CLK 2017-05-14 13:32:55 +02:00
clocksource clockevents/drivers/cs5535: Improve resilience to spurious interrupts 2017-10-27 10:23:17 +02:00
connector
cpufreq cpufreq: CPPC: add ACPI_PROCESSOR dependency 2017-10-21 17:09:06 +02:00
cpuidle ARM: cpuidle: Fix error return code 2016-10-16 17:36:15 +02:00
crypto crypto: talitos - fix sha224 2017-10-05 09:41:45 +02:00
dca
devfreq
dio
dma dmaengine: edma: Align the memcpy acnt array size with the transfer 2017-10-18 09:20:41 +02:00
dma-buf
edac EDAC: Increment correct counter in edac_inc_ue_error() 2016-09-07 08:32:41 +02:00
eisa
extcon extcon: axp288: Use vbus-valid instead of -present to determine cable presence 2017-10-08 10:14:16 +02:00
firewire firewire: net: fix fragmented datagram_size off-by-one 2016-11-10 16:36:35 +01:00
firmware drivers: firmware: psci: drop duplicate const from psci_of_match 2017-10-08 10:14:20 +02:00
fmc
fpga
gpio gpio: mpc8xxx: Correct irq handler function 2016-10-28 03:01:25 -04:00
gpu drm/msm: fix an integer overflow test 2017-11-08 10:06:28 +01:00
hid HID: usbhid: fix out-of-bounds bug 2017-10-18 09:20:41 +02:00
hsi
hv Drivers: hv: fcopy: restore correct transfer length 2017-10-12 11:27:33 +02:00
hwmon hwmon: (gl520sm) Fix overflows and crash seen when writing into limit attributes 2017-10-08 10:14:17 +02:00
hwspinlock
hwtracing stm class: Fix a use-after-free 2017-10-12 11:27:33 +02:00
i2c i2c: ismt: Separate I2C block read from SMBus block read 2017-10-27 10:23:16 +02:00
ide
idle intel_idle: Support for Intel Xeon Phi Processor x200 Product Family 2016-09-15 08:27:46 +02:00
iio iio: adc: xilinx: Fix error handling 2017-10-21 17:09:04 +02:00
infiniband IB/qib: fix false-postive maybe-uninitialized warning 2017-10-08 10:14:20 +02:00
input Input: gtco - fix potential out-of-bound access 2017-11-02 09:40:49 +01:00
iommu iommu/amd: Finish TLB flush in amd_iommu_unmap() 2017-10-18 09:20:42 +02:00
ipack
irqchip irqchip/crossbar: Fix incorrect type of local variables 2017-10-21 17:09:04 +02:00
isdn isdn/i4l: fetch the ppp_write buffer in one shot 2017-10-21 17:09:02 +02:00
leds leds: ktd2692: avoid harmless maybe-uninitialized warning 2017-05-14 13:32:55 +02:00
lguest
lightnvm lightnvm: put bio before return 2016-09-24 10:07:35 +02:00
macintosh
mailbox mailbox: handle empty message in tx_tick 2017-08-06 19:19:41 -07:00
mcb mcb: Fixed bar number assignment for the gdd 2016-06-01 12:15:53 -07:00
md md/linear: shutup lockdep warnning 2017-10-21 17:09:05 +02:00
media ttpci: address stringop overflow warning 2017-10-08 10:14:20 +02:00
memory memory: omap-gpmc: Fix omap gpmc EXTRADELAY timing 2016-07-27 09:47:35 -07:00
memstick memstick: rtsx_usb_ms: Manage runtime PM when accessing the device 2016-10-28 03:01:35 -04:00
message
mfd mfd: omap-usb-tll: Fix inverted bit use for USB TLL mode 2017-06-26 07:13:09 +02:00
misc cxl: Fix driver use count 2017-10-05 09:41:47 +02:00
mmc mmc: sdio: fix alignment issue in struct sdio_func 2017-10-08 10:14:19 +02:00
mtd mtd: bcm47xxpart: don't fail because of bit-flips 2017-07-05 14:37:18 +02:00
net can: kvaser_usb: Ignore CMD_FLUSH_QUEUE_REPLY messages 2017-11-02 09:40:50 +01:00
nfc nfc: fdp: fix NULL pointer dereference 2017-08-06 19:19:40 -07:00
ntb ntb_transport: fix bug calculating num_qps_mw 2017-08-30 10:19:29 +02:00
nubus
nvdimm libnvdimm, btt: fix btt_rw_page not returning errors 2017-08-06 19:19:42 -07:00
nvme nvme: protect against simultaneous shutdown invocations 2017-10-12 11:27:35 +02:00
nvmem nvmem: imx-ocotp: Fix wrong register size 2017-08-06 19:19:46 -07:00
of of: device: Export of_device_{get_modalias, uvent_modalias} to modules 2017-07-27 15:06:09 -07:00
oprofile
parisc parisc: pci memory bar assignment fails with 64bit kernels on dino/cujo 2017-08-24 17:02:35 -07:00
parport parisc, parport_gsc: Fixes for printk continuation lines 2017-06-17 06:39:37 +02:00
pci PCI: Fix race condition with driver_override 2017-10-05 09:41:46 +02:00
pcmcia pcmcia: db1xxx_ss: fix last irq_to_gpio user 2016-04-20 15:42:09 +09:00
perf drivers/perf: arm_pmu: Fix leak in error path 2016-10-07 15:23:41 +02:00
phy phy: qcom-usb-hs: Add depends on EXTCON 2017-05-14 13:32:57 +02:00
pinctrl pinctrl: samsung: Remove bogus irq_[un]mask from resource management 2017-08-16 13:40:30 -07:00
platform platform/x86: ideapad-laptop: handle ACPI event 1 2017-07-05 14:37:19 +02:00
pnp PNP: Add Broadwell to Intel MCH size workaround 2016-08-16 09:30:48 +02:00
power power: supply: bq24190_charger: Handle fault before status on interrupt 2017-05-14 13:32:54 +02:00
powercap
pps pps: do not crash when failed to register 2016-08-10 11:49:25 +02:00
ps3
ptp
pwm pwm: pca9685: Fix period change with same duty cycle 2017-03-15 09:57:14 +08:00
rapidio
ras
regulator regulator: fan53555: fix I2C device ids 2017-11-02 09:40:50 +01:00
remoteproc remoteproc: Fix potential race condition in rproc_add 2016-08-20 18:09:20 +02:00
reset
rpmsg
rtc rtc: tegra: Implement clock handling 2017-04-21 09:30:07 +02:00
s390 scsi: zfcp: fix erp_action use-before-initialize in REC action trace 2017-11-02 09:40:49 +01:00
sbus
scsi scsi: sg: Re-fix off by one in sg_fill_request_table() 2017-11-02 09:40:50 +01:00
sfi
sh drivers: sh: Restore legacy clock domain on SuperH platforms 2016-03-09 15:34:49 -08:00
sn
soc soc: qcom/spm: shut up uninitialized variable warning 2016-09-24 10:07:42 +02:00
spi spi: dw: Make debugfs name unique between instances 2017-08-06 19:19:44 -07:00
spmi spmi: Include OF based modalias in device uevent 2017-07-27 15:06:10 -07:00
ssb ssb: Fix error routine when fallback SPROM fails 2017-01-09 08:07:42 +01:00
staging staging: iio: ad7192: Fix - use the dedicated reset function avoiding dma from stack. 2017-10-12 11:27:34 +02:00
target target/iscsi: Fix unsolicited data seq_end_offset calculation 2017-10-21 17:09:06 +02:00
tc
thermal thermal: cpu_cooling: Avoid accessing potentially freed structures 2017-07-27 15:06:02 -07:00
thunderbolt thunderbolt: Fix double free of drom buffer 2016-06-01 12:15:53 -07:00
tty Revert "tty: goldfish: Fix a parameter of a call to free_irq" 2017-10-21 17:09:06 +02:00
uio uio: fix dmem_region_start computation 2016-10-31 04:13:59 -06:00
usb usb: xhci: Handle error condition in xhci_stop_device() 2017-11-02 09:40:49 +01:00
uwb uwb: ensure that endpoint is interrupt 2017-10-12 11:27:35 +02:00
vfio vfio-pci: Handle error from pci_iomap 2017-08-06 19:19:46 -07:00
vhost vhost/scsi: fix reuse of &vq->iov[out] in response 2016-09-15 08:27:53 +02:00
video video: fbdev: aty: do not leak uninitialized padding in clk to userspace 2017-10-05 09:41:48 +02:00
virt
virtio virtio_balloon: init 1st buffer in stats vq 2017-03-31 09:49:53 +02:00
vlynq
vme vme: Fix wrong pointer utilization in ca91cx42_slave_get 2017-01-19 20:17:21 +01:00
w1 w1: ds2490: USB transfer buffers need to be DMAable 2017-03-12 06:37:29 +01:00
watchdog watchdog: kempld: fix gcc-4.3 build 2017-10-21 17:09:04 +02:00
xen xen/gntdev: avoid out of bounds access in case of partial gntdev_mmap() 2017-11-02 09:40:49 +01:00
zorro
Kconfig
Makefile usb: Make sure usb/phy/of gets built-in 2017-05-20 14:26:59 +02:00