firmware: arm_ffa: Fix memory corruption in ffa_msg_send2()
The "msg" pointer is a struct and msg->offset is the sizeof(*msg). The
pointer here math means the memcpy() will write outside the bounds.
Cast "msg" to a u8 pointer to fix this.
Fixes: 02c19d84c7c5 ("firmware: arm_ffa: Add support for FFA_MSG_SEND2")
Signed-off-by: Dan Carpenter <dan.carpenter@linaro.org>
Link: https://lore.kernel.org/r/cd5fb6b5-81fa-4a6d-b2b8-284ca704bbff@moroto.mountain
Signed-off-by: Sudeep Holla <sudeep.holla@arm.com>
projects / thirdparty / linux.git / commit
