-rw-r--r--ncr-data.c9
1 files changed, 6 insertions, 3 deletions
diff --git a/ncr-data.c b/ncr-data.c
index 93c69ac..6a45e4d 100644
--- a/ncr-data.c
+++ b/ncr-data.c
@@ -282,21 +282,24 @@ int ncr_data_set(struct list_sem_st* lst, void __user* arg)
}
data->data_size = get.data_size;
} else {
+ size_t offset;
+
+ offset = data->data_size;
/* get.data_size <= data->max_data_size, which is limited in
data_alloc(), so there is no integer overflow. */
- if (get.data_size+data->data_size > data->max_data_size) {
+ if (get.data_size+offset > data->max_data_size) {
err();
ret = -EINVAL;
goto cleanup;
}
if (get.data != NULL) {
- ret = copy_from_user(&data->data[data->data_size], get.data, get.data_size);
+ ret = copy_from_user(&data->data[offset], get.data, get.data_size);
if (unlikely(ret)) {
err();
goto cleanup;
}
}
- data->data_size += get.data_size;
+ data->data_size = offset + get.data_size;
}
ret = 0;
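Review bot: The failure branch after `copy_from_user(&data->data[offset], get.data, get.data_size)` leaves `ret` holding the number of bytes that could not be copied, which is a positive count rather than an errno. If the `cleanup` label (outside this hunk) returns `ret`, the ioctl caller sees a positive value instead of an error; adding `ret = -EFAULT;` before `goto cleanup;` would make the failure unambiguous. Separately, `offset = data->data_size;` is a plain load and no lock is visible in the hunk, so if the local is meant to keep the bounds check and the copy destination consistent against a concurrent update, the compiler may still re-read the field. In that case `offset = ACCESS_ONCE(data->data_size);` (`READ_ONCE` on newer kernels), or holding the item's lock across the check, copy and store, would be needed. A comment such as `/* snapshot data_size once so the check and the copy use the same offset */` above the assignment would record why the local exists; the function body begins and continues outside this hunk.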