Fixed integer overflow in iwl_write_to_user_buf (Linux Wireless)

On Wed, Jun 15, 2022 at 09:06:51AM +0200, Johannes Berg wrote:
> On Tue, 2022-06-14 at 10:33 -0700, Hyunwoo Kim wrote:
> > An integer overflow occurs in the iwl_write_to_user_buf() function,
> >    which is called by the iwl_dbgfs_monitor_data_read() function.
> > 
> Out of curiosity, how did you find this?

I found it while analyzing several device drivers as a personal hobby.

I also want to ask you one question.
While analyzing several device drivers, I found several such integer overflow 
or race condition problems, and made and submitted a patch.

However, there is no response whether this patch has been accepted or rejected. 
In this case, do I have to send an email to the higher level maintainer? Or do I have to wait?

Hyunwoo Kim

Read more here: Source link