w1: avoid potential u16 overflow
authorDavid Fries <David@Fries.net>
Tue, 11 Nov 2014 02:19:37 +0000 (20:19 -0600)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Thu, 27 Nov 2014 03:09:01 +0000 (19:09 -0800)
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Acked-by: Evgeniy Polyakov <zbr@ioremap.net>
Signed-off-by: David Fries <David@Fries.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
drivers/w1/w1_netlink.c

index dd96562..881597a 100644 (file)
@@ -598,7 +598,7 @@ static void w1_cn_callback(struct cn_msg *cn, struct netlink_skb_parms *nsp)
        msg = (struct w1_netlink_msg *)(cn + 1);
        if (node_count) {
                int size;
-               u16 reply_size = sizeof(*cn) + cn->len + slave_len;
+               int reply_size = sizeof(*cn) + cn->len + slave_len;
                if (cn->flags & W1_CN_BUNDLE) {
                        /* bundling duplicats some of the messages */
                        reply_size += 2 * cmd_count * (sizeof(struct cn_msg) +
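Review bot: The new declaration `int reply_size = sizeof(*cn) + cn->len + slave_len;` has no comment saying why it must be wider than u16, so a later cleanup could narrow it again. `cn->len` is itself a 16-bit field, and adding `sizeof(*cn)`, `slave_len` and the `W1_CN_BUNDLE` term can push the total past 65535. I would add above it `/* int, not u16: cn->len is 16 bits on its own, so the total can exceed 65535 */`. Because of `sizeof`, the sum is presumably still evaluated as size_t and then converted to int, so it is only safe if it is bounded before it sizes a buffer. That bound is not visible here, since the `reply_size +=` statement and the rest of w1_cn_callback continue outside the hunk; it is worth confirming, given that `cn` arrives over netlink.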