storage/flash_map: Fix is_in_flash_area_bounds
Prevent possible overflow in is_in_flash_area_bounds while validating offset and length of an operation. Fixes #89349 Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
This commit is contained in:
parent
d60831810b
commit
3d4b427245
1 changed files with 1 additions and 1 deletions
|
@ -33,7 +33,7 @@ static inline struct flash_area const *get_flash_area_from_id(int idx)
|
|||
static inline bool is_in_flash_area_bounds(const struct flash_area *fa,
|
||||
off_t off, size_t len)
|
||||
{
|
||||
return (off >= 0) && ((off + len) <= fa->fa_size);
|
||||
return (off >= 0) && (off < fa->fa_size) && (len <= (fa->fa_size - off));
|
||||
}
|
||||
|
||||
#endif /* ZEPHYR_SUBSYS_STORAGE_FLASH_MAP_PRIV_H_ */
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue