[ros-diffs] [reactos] 04/05: [USBPORT] Avoid a benign integer overflow in USBHI_QueryDeviceInformation (CID 1419219).

https://git.reactos.org/?p=reactos.git;a=commitdiff;h=a45779a12f70f3c43a5b7… commit a45779a12f70f3c43a5b78c7bdf3478c71accccb Author: Thomas Faber &lt;thomas.faber(a)reactos.org&gt; AuthorDate: Wed Oct 11 17:59:43 2017 +0200 [USBPORT] Avoid a benign integer overflow in USBHI_QueryDeviceInformation (CID 1419219). --- drivers/usb/usbport/iface.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/usb/usbport/iface.c b/drivers/usb/usbport/iface.c index 39f42e77ba..4e56811eb7 100644 --- a/drivers/usb/usbport/iface.c +++ b/drivers/usb/usbport/iface.c @@ -211,8 +211,8 @@ USBHI_QueryDeviceInformation(IN PVOID BusContext, } } - ActualLength = sizeof(USB_DEVICE_INFORMATION_0) + - (NumberOfOpenPipes - 1) * sizeof(USB_PIPE_INFORMATION_0); + ActualLength = FIELD_OFFSET(USB_DEVICE_INFORMATION_0, PipeList) + + NumberOfOpenPipes * sizeof(USB_PIPE_INFORMATION_0); if (DeviceInfoBufferLen < ActualLength) {