The type of size is unsigned, if size is 0x4000, there will be an
integer overflow, size will be zero after size *= sizeof(uint32_t),
will cause uninitialized memory to be referenced later
Signed-off-by: hackyzh002
---
drivers/gpu/drm/radeon/radeon_cs.c | 2 +-
1 file changed, 1 insertion(+)
Am 19.04.23 um 10:57 schrieb hackyzh002:
The type of size is unsigned, if size is 0x4000, there will be an
integer overflow, size will be zero after size *= sizeof(uint32_t),
will cause uninitialized memory to be referenced later
Signed-off-by: hackyzh002
---
drivers/gpu/drm/radeon/radeon
