For large values of item->size, the 'part' pointer can wrap around,
which results in an illegal pointer, but currently passes the for-loop
condition.
#define KDBUS_ITEM_FOREACH(part, head, first) \
for (part = (head)->first; \
- (uint8_t *)(part) < (uint8_t *)(head) + (head)->size; \
+ ((uint8_t *)(part) < (uint8_t *)(head) + (head)->size) && \
+ ((uint8_t *) part >= (uint8_t *) head); \
part = KDBUS_ITEM_NEXT(part))
#define KDBUS_ITEM_HEADER_SIZE offsetof(struct kdbus_item, data)