Make sure the kernel always returns events properly. This is guaranteed
right now, otherwise, we do something really wrong. But lets be sure and
verify the received values properly. This also silences some coverity
warnings.
for (i = 0; i < l; i += event->length) {
event = (void*)&buf[i];
for (i = 0; i < l; i += event->length) {
event = (void*)&buf[i];
- if (i + event->length > l) {
+ if (i + (ssize_t)sizeof(*event) > l || i + (ssize_t)event->length > l) {
log_debug("grdrm: %s/%s: truncated event", card->base.session->name, card->base.name);
break;
}
log_debug("grdrm: %s/%s: truncated event", card->base.session->name, card->base.name);
break;
}