| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <5b203f2a-755a-448b-946a-f14d6060dbb7@denx.de>
Date: Sun, 17 Nov 2024 23:06:27 +0100
From: Marek Vasut <marex@...x.de>
To: Kees Cook <kees@...nel.org>, Dmitry Torokhov <dmitry.torokhov@...il.com>
Cc: Andy Shevchenko <andriy.shevchenko@...ux.intel.com>,
Linus Walleij <linus.walleij@...aro.org>, Arnd Bergmann <arnd@...db.de>,
Luca Ellero <l.ellero@...m.it>, linux-input@...r.kernel.org,
Alexander Stein <alexander.stein@...tq-group.com>,
Al Viro <viro@...iv.linux.org.uk>, linux-kernel@...r.kernel.org,
linux-hardening@...r.kernel.org
Subject: Re: [PATCH] Input: ads7846 - Expand xfer array to match usage
On 11/17/24 4:34 AM, Kees Cook wrote:
> Commit 781a07da9bb9 ("Input: ads7846 - add dummy command register
> clearing cycle") added commands to struct ser_req::xfer without
> expanding it to hold them. Expand the array to the correct size.
>
> ../drivers/input/touchscreen/ads7846.c: In function 'ads7846_read12_ser':
> ../drivers/input/touchscreen/ads7846.c:416:18: error: array subscript 7 is above array bounds of 'struct spi_transfer[6]' [-Werror=array-bounds=]
> 416 | req->xfer[7].rx_buf = &req->scratch;
> | ~~~~~~~~~^~~
> ../drivers/input/touchscreen/ads7846.c:334:33: note: while referencing 'xfer'
> 334 | struct spi_transfer xfer[6];
> | ^~~~
>
> Fixes: 781a07da9bb9 ("Input: ads7846 - add dummy command register clearing cycle")
> Signed-off-by: Kees Cook <kees@...nel.org>
I think Nathan already sent a fix too.
Thanks !
Powered by blists - more mailing lists