[PATCH 2/2] drm/amdgpu: Fix integer overflow in amdgpu_cs_pass1

2023-04-19 Thread hackyzh002
The type of size is unsigned int. If size is 0x4000, there will be an integer overflow: size will be zero after size *= sizeof(uint32_t), which will cause uninitialized memory to be referenced later. Signed-off-by: hackyzh002 --- drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c | 4 ++-- 1 file changed, 2

[PATCH V3 1/2] drm/radeon: Fix integer overflow in radeon_cs_parser_init

2023-04-19 Thread hackyzh002
The type of size is unsigned. If size is 0x4000, there will be an integer overflow: size will be zero after size *= sizeof(uint32_t), which will cause uninitialized memory to be referenced later. Signed-off-by: hackyzh002 --- drivers/gpu/drm/radeon/radeon_cs.c | 3 ++- 1 file changed, 2 insertions

[PATCH v2 1/2] drm/radeon: Fix integer overflow in radeon_cs_parser_init

2023-04-19 Thread hackyzh002
The type of size is unsigned. If size is 0x4000, there will be an integer overflow: size will be zero after size *= sizeof(uint32_t), which will cause uninitialized memory to be referenced later. Signed-off-by: hackyzh002 --- drivers/gpu/drm/radeon/radeon_cs.c | 2 +- 1 file changed, 1 insertion

[PATCH 1/2] drm/radeon: Fix integer overflow in radeon_cs_parser_init

2023-04-19 Thread hackyzh002
The type of size is unsigned. If size is 0x4000, there will be an integer overflow: size will be zero after size *= sizeof(uint32_t), which will cause uninitialized memory to be referenced later. Signed-off-by: hackyzh002 --- drivers/gpu/drm/radeon/radeon_cs.c | 4 ++-- 1 file changed, 2

[PATCH v3 2/2] drm/amdgpu: Fix integer overflow in amdgpu_cs_pass1

2023-04-19 Thread hackyzh002
The type of size is unsigned int. If size is 0x4000, there will be an integer overflow: size will be zero after size *= sizeof(uint32_t), which will cause uninitialized memory to be referenced later. Signed-off-by: hackyzh002 --- drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c | 2 +- 1 file changed, 1

[PATCH V2 2/2] drm/amdgpu: Fix integer overflow in amdgpu_cs_pass1

2023-04-19 Thread hackyzh002
The type of size is unsigned int. If size is 0x4000, there will be an integer overflow: size will be zero after size *= sizeof(uint32_t), which will cause uninitialized memory to be referenced later. Signed-off-by: hackyzh002 --- drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c | 4 ++-- 1 file changed, 2