net/packet: fix overflow in check for priv area size
authorAndrey Konovalov <andreyknvl@google.com>
Wed, 29 Mar 2017 14:11:20 +0000 (16:11 +0200)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Tue, 18 Apr 2017 05:14:37 +0000 (07:14 +0200)
commitd35f8fa0b93e61dd95b8f86928a783c4d8a32d3e
treed6656c73917580b7a1feb3b113746788a754a1b9
parentfd8bae310684b557c0b30ae9105420956a41494f
net/packet: fix overflow in check for priv area size

commit 2b6867c2ce76c596676bec7d2d525af525fdc6e2 upstream.

Subtracting tp_sizeof_priv from tp_block_size and casting to int
to check whether one is less then the other doesn't always work
(both of them are unsigned ints).

Compare them as is instead.

Also cast tp_sizeof_priv to u64 before using BLK_PLUS_PRIV, as
it can overflow inside BLK_PLUS_PRIV otherwise.

Signed-off-by: Andrey Konovalov <andreyknvl@google.com>
Acked-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
net/packet/af_packet.c