| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 23 Aug 2017 09:20:22 +0200
From: Linus Walleij <linus.walleij@...aro.org>
To: Dan Carpenter <dan.carpenter@...cle.com>,
Geert Uytterhoeven <geert+renesas@...der.be>,
jacopo <jacopo@...ndi.org>
Cc: Jacopo Mondi <jacopo+renesas@...ndi.org>,
"linux-gpio@...r.kernel.org" <linux-gpio@...r.kernel.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
kernel-janitors@...r.kernel.org
Subject: Re: [PATCH] pinctrl: rza1: off by one in rza1_parse_gpiochip()
On Fri, Aug 18, 2017 at 12:32 PM, Dan Carpenter
<dan.carpenter@...cle.com> wrote:
> The rza1_pctl->ports[] array has RZA1_NPORTS (12) elements. The > here
> should be >= to prevent an out of bounds access.
>
> Fixes: 5a49b644b307 ("pinctrl: Renesas RZ/A1 pin and gpio controller")
> Signed-off-by: Dan Carpenter <dan.carpenter@...cle.com>
>
> diff --git a/drivers/pinctrl/pinctrl-rza1.c b/drivers/pinctrl/pinctrl-rza1.c
> index 7e30134b3d18..464dbf2f0816 100644
> --- a/drivers/pinctrl/pinctrl-rza1.c
> +++ b/drivers/pinctrl/pinctrl-rza1.c
> @@ -1088,7 +1088,7 @@ static int rza1_parse_gpiochip(struct rza1_pinctrl *rza1_pctl,
> */
> pinctrl_base = of_args.args[1];
> gpioport = RZA1_PIN_ID_TO_PORT(pinctrl_base);
> - if (gpioport > RZA1_NPORTS) {
> + if (gpioport >= RZA1_NPORTS) {
> dev_err(rza1_pctl->dev,
> "Invalid values in property %s\n", list_name);
> return -EINVAL;
Geert/Jacopo, can any of you ACK this?
Yours,
Linus Walleij
Powered by blists - more mailing lists