Merge "msm: kgsl: Fix overflow in sharedmem cache range operation function"

author: Linux Build Service Account <lnxbuild@localhost> 2016-11-14 21:54:05 -0800
committer: Gerrit - the friendly Code Review server <code-review@localhost> 2016-11-14 21:54:05 -0800
commit: 5587de21d7538e14fd057b4e1825963b82fb8d1d (patch)
tree: d57e04f1e33cb0d37fe0c3687a586852487320cc /drivers/gpu
parent: 4ca0cdc68e22d5bf7e3568d0fa5aa86ecfeefa51 (diff)
parent: b63c4eb6c72c4715b4a83c76e040355f2ea2d371 (diff)
1 files changed, 3 insertions, 4 deletions
diff --git a/drivers/gpu/msm/kgsl_sharedmem.c b/drivers/gpu/msm/kgsl_sharedmem.c
index 72895c18119f..618e9e9a33a3 100644
--- a/drivers/gpu/msm/kgsl_sharedmem.c
+++ b/drivers/gpu/msm/kgsl_sharedmem.c
@@ -574,12 +574,11 @@ int kgsl_cache_range_op(struct kgsl_memdesc *memdesc, uint64_t offset,
 	void *addr = (memdesc->hostptr) ?
 		memdesc->hostptr : (void *) memdesc->useraddr;
 
-	/* Make sure that size is non-zero */
-	if (!size)
+	if (size == 0 || size > UINT_MAX)
 		return -EINVAL;
 
-	/* Make sure that the offset + size isn't bigger than we can handle */
-	if ((offset + size) > ULONG_MAX)
+	/* Make sure that the offset + size does not overflow */
+	if ((offset + size < offset) || (offset + size < size))
 		return -ERANGE;
 
 	/* Make sure the offset + size do not overflow the address */
author	Linux Build Service Account <lnxbuild@localhost>	2016-11-14 21:54:05 -0800
committer	Gerrit - the friendly Code Review server <code-review@localhost>	2016-11-14 21:54:05 -0800
commit	5587de21d7538e14fd057b4e1825963b82fb8d1d (patch)
tree	d57e04f1e33cb0d37fe0c3687a586852487320cc /drivers/gpu
parent	4ca0cdc68e22d5bf7e3568d0fa5aa86ecfeefa51 (diff)
parent	b63c4eb6c72c4715b4a83c76e040355f2ea2d371 (diff)