Todd Kjos 0b0509508b binder: check for overflow when alloc for security context ...

When allocating space in the target buffer for the security context,
make sure the extra_buffers_size doesn't overflow. This can only
happen if the given size is invalid, but an overflow can turn it
into a valid size. Fail the transaction if an overflow is detected.

Signed-off-by: Todd Kjos <tkjos@google.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

2019-04-25 21:26:49 +02:00

176 KiB

Raw Blame History

View Raw