| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20141123185200.GD4431@pengutronix.de> Date: Sun, 23 Nov 2014 19:52:00 +0100 From: Uwe Kleine-König <u.kleine-koenig@...gutronix.de> To: Wolfram Sang <wsa@...-dreams.de> Cc: linux-i2c@...r.kernel.org, linux-sh@...r.kernel.org, Magnus Damm <magnus.damm@...il.com>, linux-kernel@...r.kernel.org, Jean Delvare <jdelvare@...e.de>, Simon Horman <horms@...ge.net.au>, Geert Uytterhoeven <geert@...ux-m68k.org>, Laurent Pinchart <laurent.pinchart@...asonboard.com>, linux-arm-kernel@...ts.infradead.org Subject: Re: [PATCH 2/3] i2c: slave-eeprom: add eeprom simulator driver Hallo Wolfram, On Sat, Nov 22, 2014 at 07:14:06PM +0100, Wolfram Sang wrote: > > > > + case I2C_SLAVE_REQ_READ_END: > > > > + eeprom->buffer_idx++; > > > You don't check here for buffer_idx >= ARRAY_SIZE(buffer)? > > > Ditto in the I2C_SLAVE_REQ_WRITE_END case. > > I just noticed that buffer_idx is an u8, so it overflows at 255+1. So > > the probe routine should error out if size is bigger than 256. > > But size is currently fixed to 256, so all is fine. Yes, if we extend it > for bigger sizes, all that stuff needs to be taken care of, right. yeah, it's well hidden, but true. So IMHO worth a comment. Best regards Uwe -- Pengutronix e.K. | Uwe Kleine-König | Industrial Linux Solutions | http://www.pengutronix.de/ | -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists