ipm: imx: Fix possible buffer overflow
It is possible to happen a buffer overflow in ipm_send due the lack of a checking for negative value. Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
This commit is contained in:
parent
4ff32d9290
commit
0a12a05e63
1 changed files with 1 additions and 1 deletions
|
@ -175,7 +175,7 @@ static int imx_mu_ipm_send(const struct device *dev, int wait, uint32_t id,
|
|||
return -EINVAL;
|
||||
}
|
||||
|
||||
if (size > CONFIG_IPM_IMX_MAX_DATA_SIZE) {
|
||||
if ((size < 0) || (size > CONFIG_IPM_IMX_MAX_DATA_SIZE)) {
|
||||
return -EMSGSIZE;
|
||||
}
|
||||
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue