DivestOS/Patches/Linux_CVEs/CVE-2014-9792/ANY/0.patch

35 lines
1.1 KiB
Diff
Raw Normal View History

From a3e3dd9fc0a2699ae053ffd3efb52cdc73ad94cd Mon Sep 17 00:00:00 2001
From: Zaheerulla Meer <zmeer@codeaurora.org>
Date: Fri, 11 Oct 2013 18:18:35 +0530
Subject: msm: ipc: Possible memory corruption due to Sign Conversion
msm_ipc_router_skb_to_buf() takes an unsigned argument and assigns the
same to a signed local variable. This might cause issues when the value
of the argument is too high.
Change the datatype of the local variable to unsigned.
CRs-Fixed: 550606
Change-Id: I257a095681dd82fba05367fd6faf25820e95c719
Signed-off-by: Zaheerulla Meer <zmeer@codeaurora.org>
---
arch/arm/mach-msm/ipc_router.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/arch/arm/mach-msm/ipc_router.c b/arch/arm/mach-msm/ipc_router.c
index 9cdad6a1..cb9ad4c 100644
--- a/arch/arm/mach-msm/ipc_router.c
+++ b/arch/arm/mach-msm/ipc_router.c
@@ -434,7 +434,7 @@ static void *msm_ipc_router_skb_to_buf(struct sk_buff_head *skb_head,
unsigned int len)
{
struct sk_buff *temp;
- int offset = 0, buf_len = 0, copy_len;
+ unsigned int offset = 0, buf_len = 0, copy_len;
void *buf;
if (!skb_head) {
--
cgit v1.1