[media] rc: ir-lirc-codec: fix potential integer overflow
authorVasiliy Kulikov <segoon@openwall.com>
Fri, 26 Nov 2010 17:06:35 +0000 (14:06 -0300)
committerMauro Carvalho Chehab <mchehab@redhat.com>
Wed, 29 Dec 2010 10:17:02 +0000 (08:17 -0200)
commit4c8b8698053c986f5f5249878eab70cb028a1023
treed7e6f5b35bc7b7a2cf9dd26436177f02d6ac2e77
parent87d1a50ce45168cbaec10397e876286a398052c1
[media] rc: ir-lirc-codec: fix potential integer overflow

'n' may be bigger than MAX_INT*sizeof(int), if so checking of truncated
(int)(n/sizeof(int)) for LIRCBUF_SIZE overflow and then using nontruncated 'count'
doesn't make sense.  Also n may be up to sizeof(int)-1 bytes bigger than expected,
so check value of (n % sizeof(int)) too.

Signed-off-by: Vasiliy Kulikov <segoon@openwall.com>
Acked-by: Jarod Wilson <jarod@redhat.com>
Signed-off-by: Mauro Carvalho Chehab <mchehab@redhat.com>
drivers/media/rc/ir-lirc-codec.c