rpmsg: validate incoming message length before propagating
authorOhad Ben-Cohen <ohad@wizery.com>
Tue, 28 Feb 2012 14:16:48 +0000 (16:16 +0200)
committerOhad Ben-Cohen <ohad@wizery.com>
Tue, 28 Feb 2012 17:10:04 +0000 (19:10 +0200)
commit9648224e564aa0d6e3a803bd0e056802cc97297c
tree2d097e820dbbc0e8ee65e9e53306e69331c29b9b
parentfa2d7795b2e859574c86cf186e488d12178d51b3
rpmsg: validate incoming message length before propagating

When an inbound message arrives, validate its reported length before
propagating it, otherwise buggy (or malicious) remote processors might
trick us into accessing memory which we really shouldn't.

Signed-off-by: Ohad Ben-Cohen <ohad@wizery.com>
Cc: Grant Likely <grant.likely@secretlab.ca>
Cc: Arnd Bergmann <arnd@arndb.de>
Cc: Mark Grosen <mgrosen@ti.com>
Cc: Suman Anna <s-anna@ti.com>
Cc: Fernando Guzman Lugo <fernando.lugo@ti.com>
Cc: Rob Clark <rob@ti.com>
Cc: Ludovic BARRE <ludovic.barre@stericsson.com>
Cc: Loic PALLARDY <loic.pallardy@stericsson.com>
Cc: Omar Ramirez Luna <omar.luna@linaro.org>
drivers/rpmsg/virtio_rpmsg_bus.c