On Tue, Dec 01, 2015 at 04:43:10PM -0800, Bjorn Andersson wrote: > From: Courtney Cavin <courtney.ca...@sonymobile.com> > > This patch catches the conditions where: > - 'splicepoint' is set to a point outside of [ fdt, fdt_totalsize(fdt) ) > - 'newlen' is negative, or 'splicepoint' plus 'newlen' results in overflow > > Either of these cases can be caused by math which overflows in calling > functions, or by sizes specified through dynamic means. > > Signed-off-by: Courtney Cavin <courtney.ca...@sonymobile.com> > Signed-off-by: Bjorn Andersson <bjorn.anders...@sonymobile.com>
Applied, thanks.
--
David Gibson | I'll have my music baroque, and my code
david AT gibson.dropbear.id.au | minimalist, thank you. NOT _the_ _other_
| _way_ _around_!
http://www.ozlabs.org/~dgibson
signature.asc
Description: PGP signature
