From f4cf004d273523494bb276c3317c0c8f17a48c59 Mon Sep 17 00:00:00 2001
From: Samuel Obuch <samuel.obuch@codasip.com>
Date: Tue, 27 Sep 2022 13:21:03 +0200
Subject: [PATCH] net: emaclite: fix handling for IP packets with specific
 lengths

The maximum length is capped similarly to the emaclite_send function.
Avoid integer underflow for values of ip->ip_len < 30, the minimum
length of an IP packet is 21 bytes.

Signed-off-by: Samuel Obuch <samuel.obuch@codasip.com>
Reviewed-by: Ramon Fried <rfried.dev@gmail.com>
Link: https://lore.kernel.org/r/20220927112103.155689-3-samuel.obuch@codasip.com
Signed-off-by: Michal Simek <michal.simek@amd.com>
---
 drivers/net/xilinx_emaclite.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/drivers/net/xilinx_emaclite.c b/drivers/net/xilinx_emaclite.c
index a4851ad36f..16ba915fba 100644
--- a/drivers/net/xilinx_emaclite.c
+++ b/drivers/net/xilinx_emaclite.c
@@ -517,6 +517,8 @@ try_again:
 		length = ntohs(ip->ip_len);
 		length += ETHER_HDR_SIZE + ETH_FCS_LEN;
 		debug("IP Packet %x\n", length);
+		if (length > PKTSIZE)
+			length = PKTSIZE;
 		break;
 	default:
 		debug("Other Packet\n");
@@ -525,7 +527,7 @@ try_again:
 	}
 
 	/* Read the rest of the packet which is longer then first read */
-	if (length != first_read)
+	if (length > first_read)
 		xemaclite_alignedread(addr + first_read,
 				      etherrxbuff + first_read,
 				      length - first_read);
-- 
2.39.5