Explorar o código

NFC: Avoid slab out of bound

chages done to ese_cold_reset c file to avoid
slabout of bound issues.

Change-Id: Idbc72acc16c8a2f55d982015b69e196d38ddc199
Signed-off-by: PRANAY BHARGAV BHAVARAJU <[email protected]>
PRANAY BHARGAV BHAVARAJU %!s(int64=2) %!d(string=hai) anos
pai
achega
a6d8f76e52
Modificáronse 1 ficheiros con 7 adicións e 0 borrados
  1. 7 0
      nfc/ese_cold_reset.c

+ 7 - 0
nfc/ese_cold_reset.c

@@ -109,6 +109,13 @@ int read_cold_reset_rsp(struct nfc_dev *nfc_dev, char *header)
 	struct cold_reset *cold_rst = &nfc_dev->cold_reset;
 	char *rsp_buf = NULL;
 
+	if (cold_rst->rsp_len < COLD_RESET_RSP_LEN) {
+		dev_err(nfc_dev->nfc_device,
+				"%s: received cold reset rsp buffer length is invalid \n",
+				__func__);
+		return -EINVAL;
+        }
+
 	rsp_buf = kzalloc(cold_rst->rsp_len, GFP_DMA | GFP_KERNEL);
 	if (!rsp_buf)
 		return -ENOMEM;