mirror of
git://nv-tegra.nvidia.com/linux-nvgpu.git
synced 2025-12-22 17:36:20 +03:00
38e6c9ae98
The check `buffer_offset + buffer_size > mapped_buffer->size` can be bypassed with a large `buffer_size`, and that may lead to some corruption. This patch combines the bounds checks into a more robust one. Jira NVGPU-6374 Change-Id: I55c8664134e763c66715bf3492867bc73686b694 Signed-off-by: Martin Radev <mradev@nvidia.com> Reviewed-on: https://git-master.nvidia.com/r/c/linux-nvgpu/+/2504890 Reviewed-by: Scott Long <scottl@nvidia.com> Reviewed-by: Alex Waterman <alexw@nvidia.com> Reviewed-by: mobile promotions <svcmobile_promotions@nvidia.com> GVS: Gerrit_Virtual_Submit Tested-by: mobile promotions <svcmobile_promotions@nvidia.com>
12 KiB
12 KiB